Our online lives are built around the fiction that we will never be targeted by scammers or hackers — but in reality, thousands of stolen credit cards are sold on dark web marketplaces every day. Often, these card details are bundled with valuable personal information that lets criminals commit identity fraud or phishing attacks.
NordVPN researchers have analyzed a dataset of six million credit cards on eight major dark web marketplaces to understand the risks posed by credit card theft. Chillingly, this sample represents only a small fraction of all stolen payment information available on the dark web — it is but the tip of the iceberg of credit card theft worldwide.
Our research shows that the majority of stolen cards come bundled with at least some private information, such as an address, phone number, or email address. Because it is impractical to obtain personal details through brute force methods, we can conclude that the associated records were obtained through other means — such as sophisticated hacks or data breaches.
Over half of the 6 million stolen credit card records analyzed came from the US, most likely due to its high rates of card penetration, sizable population, and strong economy. However, stolen US cards commanded a comparatively low price ($6.86 as opposed to the $7.01 average) on dark web marketplaces — the most valued cards (at $11.54 on average) were from Denmark.
Based on their findings, NordVPN researchers have calculated the risks posed by credit card theft and related cyberattacks to residents in 98 countries. Malta, Australia, and New Zealand came at the very top of the risk index, with the US closely following in 5th place.
On the other end of the spectrum, Russia had the lowest risk score, and China was 3rd from last. These findings seem to confirm prevailing hypotheses regarding the location of large-scale hacking operations and the purposeful targeting of Anglo-European countries.
Looking for assets to help you report on our research? Look no further.
Our analysis uses data provided by independent researchers to see just how widespread payment card data theft can be. Find out how thieves can get card details without ever even stealing them.
Digital bots are becoming increasingly common. They operate in fields such as customer service, search engine optimization, and entertainment. Yet not all bots may serve good intentions – many of them can be malicious.
Experts have analyzed a dark web marketplace to reveal what it can tell us about online cybersecurity risks. Our case study in collaboration with independent third-party researchers’ work may help you stay safer online and off.