Your card, your address, your life
Our online lives are built around the fiction that we will never be targeted by scammers or hackers — but in reality, thousands of stolen credit cards are sold on dark web marketplaces every day. Often, these card details are bundled with valuable personal information that lets criminals commit identity fraud or phishing attacks.
NordVPN researchers have analyzed a dataset of six million credit cards on eight major dark web marketplaces to understand the risks posed by credit card theft. Chillingly, this sample represents only a small fraction of all stolen payment information available on the dark web — it is but the tip of the iceberg of credit card theft worldwide.
Mapping card theft statistics
Key findings
62.8% of cards “hacked”
Our research shows that the majority of stolen cards come bundled with at least some private information, such as an address, phone number, or email address. Because it is impractical to obtain personal details through brute force methods, we can conclude that the associated records were obtained through other means — such as sophisticated hacks or data breaches.
58.1% of stolen cards issued in the US
Over half of the 6 million stolen credit card records analyzed came from the US, most likely due to its high rates of card penetration, sizable population, and strong economy. However, stolen US cards commanded a comparatively low price ($6.86 as opposed to the $7.01 average) on dark web marketplaces — the most valued cards (at $11.54 on average) were from Denmark.
Malta, Australia, and New Zealand at the top of the risk index, US in 5th place
Based on their findings, NordVPN researchers have calculated the risks posed by credit card theft and related cyberattacks to residents in 98 countries. Malta, Australia, and New Zealand came at the very top of the risk index, with the US closely following in 5th place.
On the other end of the spectrum, Russia had the lowest risk score, and China was 3rd from last. These findings seem to confirm prevailing hypotheses regarding the location of large-scale hacking operations and the purposeful targeting of Anglo-European countries.
Get the full story
Press materials
Looking for assets to help you report on our research? Look no further.
Similar reports
How thieves get payment card data
Our analysis uses data provided by independent researchers to see just how widespread payment card data theft can be. Find out how thieves can get card details without ever even stealing them.
Bot markets: how hackers sell your online identity
Digital bots are becoming increasingly common. They operate in fields such as customer service, search engine optimization, and entertainment. Yet not all bots may serve good intentions – many of them can be malicious.
How hackers can earn 17.3M USD from your data
Experts have analyzed a dark web marketplace to reveal what it can tell us about online cybersecurity risks. Our case study in collaboration with independent third-party researchers’ work may help you stay safer online and off.
