There’s a lot of information for sale on the Web's black market – and some of it might belong to you.
Adding to an endless series of reports on Internet security breaches, cybersecurity firm Hold Security LLC revealed this week that it discovered stolen credentials from some 360 million accounts available for sale on the underground Internet. Although it’s unclear now where the attacks were focused, the information unearthed includes user names and largely unencrypted passwords that could lead to anything from online bank accounts to huge corporate networks. Hold Security last year uncovered a massive hack at Adobe Systems that surfaced tens of millions of email addresses and encrypted passwords; this latest breach reportedly includes one attack that alone yielded more than 100 million records.
Welcome to the shadowy “deep Web,” where, along with drugs, weapons and hit men, one can purchase access to credit cards, online bank accounts, personal and corporate email accounts, health insurance information and much more. A “shopper” with $200 can buy a premium credit card number, secure a Gmail account or even rent a botnet that can infect networks of computers and be used to spread spam, launch denial of service attacks to major websites, attack bank computers and more. Those looking to purchase these items use tools such as Tor, which includes an identity-masking browser.
Yahoo Finance took a virtual shopping trip to browse what was available for purchase at this vast illicit Internet mall (naturally, we were just looking — not buying). The sales here can come and go very quickly, and items are often priced by the level of difficulty attached to obtaining them (for example, stolen health insurance information can go for as much as $1,300 a pop). Therefore you should view the information below as a simple snapshot of an ever-changing marketplace.
And, after noting how disturbingly simple it is for your information to go on sale, consumers may also want to heed these 10 tips to protect yourself online.