Analysis reveals 6m stolen payment cards on dark web

NordVPN's recent research has unveiled a staggering number of stolen payment cards on the dark web, raising concerns about the susceptibility of Australian payment cards to fraud.

The study found that 63% of these cards were bundled with additional private information, intensifying the potential risks faced by victims.

This revelation is deemed just "the tip of the iceberg" by experts, urging authorities and individuals to take immediate action.

Australian payment cards

NordVPN's card fraud risk index revealed that Australian payment cards rank as the second most fraud-prone globally, with a risk index score of 0.91 on a scale of 0 to 1.

Out of the 6 million analyzed stolen payment cards, approximately 1.1% (65,350) belonged to Australians, placing the country as the 10th most affected nation.

The average price for Australian cards on the dark web was estimated at A$9.82, slightly below the global average of A$10.42.

Sophisticated methods and data bundling

Contrary to previous assumptions, the researchers found that payment card theft was not solely a result of brute-force attacks. Instead, cybercriminals employed more sophisticated techniques, such as phishing and malware, to obtain victims' payment card details.

Notably, a significant portion of the stolen cards was bundled with additional private information, including addresses, phone numbers, email addresses, and even Social Security numbers.

This new level of sophistication has raised concerns among experts, indicating that the danger extends beyond the stolen cards alone.

Top risk index countries and targeted regions

NordVPN researchers conducted a comprehensive analysis of credit card theft risks across 98 countries, with Malta, Australia, and New Zealand topping the risk index. On the other hand, Russia ranked lowest in terms of risk, while China placed third from the bottom. These findings align with the prevailing notion that large-scale hacking operations primarily target Anglo-European countries.

Identity theft and potential consequences

The sale of the analyzed database of stolen payment card details could potentially yield cybercriminals over A$27.5 million.

The inclusion of personal information, such as home addresses, phone numbers, email addresses, and dates of birth, significantly increases the risk of identity theft.

Attackers may exploit this information for malicious purposes or engage in further illicit activities. Safeguarding personal information becomes paramount in light of these alarming findings.

US dominance and recommendations for protection

Of the 6 million stolen credit card records analyzed, a staggering 58.1% originated from the United States. This can be attributed to factors such as high card penetration, a large population, and a robust economy.

However, the price commanded by stolen US cards on dark web marketplaces was relatively low compared to other countries.

Security tips

Experts recommend the following measures to enhance online security:

1. Use strong passwords: Employ unique, complex passwords for each account and store them securely in an encrypted password manager
2. Utilize banking apps: Monitor financial transactions using your bank's app, enabling real-time notifications for any unusual deductions
3. Respond to data breaches: Act promptly by changing usernames and passwords if informed of involvement in a data breach, and updating credentials across various platforms
4. Employ anti-malware software: Protect devices with reliable anti-malware software, guarding against malicious files and info-stealing viruses

Have something to say about this story? Let us know in the comments below.