Credit cards are so yesterday: 3 things hackers want now

Hackers are nothing if not business savvy. They go where there’s money to be made. 

For a long time, that was stolen payment information. A credit card in the wrong hands could be worth massive amounts of time and energy to obtain. But not anymore.

The value of stolen cards has seriously declined. They may only be worth $5 on the open market, thanks to chip-and-PIN technology and enhanced security measures. So what do hackers want to go after instead?

1. Medical records

Most medical companies and providers have access to a treasure trove of data: up-to-date Social Security numbers, home addresses, phone numbers, payment information, etc.

Rather than stealing a credit card, hackers can use the information you’ve given your doctor or insurance company to open a line of credit instead. Not only do these attacks provide great value to hackers, they also make it very difficult for users to recover from.

2. Trade secrets

Cyber espionage and stealing trade secrets can lead to big pay days. More often than not, attackers don’t go looking for specific information. Rather, they try to gain entry into a system and then sort out later if there’s anything worth keeping for themselves or selling to the highest bidder.

Always assume that any information you have is of value to someone and guard it jealously.

3. Tax information

In case you haven’t noticed, tax season is upon us. And every year, Americans go to file their taxes only to learn that a return has already been filed in their name.

The IRS is warning of return fraud, in which stolen W-2 or other tax information is used to collect someone else’s refund. You might have a hard time imagining someone wanting to do multiple people’s tax returns, but when you consider that the payment can be sent to a bank account and then never be returned, it makes a little more sense.

Businesses should be wary of emails from bosses, payroll departments or other higher ups requesting that Forms W-2 or other tax info be emailed to them. Often, this is a hacker pretending to be making the request as a CEO or other company official.