Identities are cheap: That’s why users are a target

For users, having an identity stolen is an expensive, painful experience. For hackers, stealing an identity is barely enough to cover a bar tab. 

Dell SecureWorks recently scoured the black market to see the going rate for various hacking attacks and the hauls they bring in. What it found: Online life is cheap.

Take, for instance, identity theft. A full identity goes for $30, slightly up from $25 last year. Individual credit cards can go for as little as $13 a pop, and some come with guarantees that they’ll work or they’ll be replaced.

Hacks aren’t much more of an investment. Ne’er-do-wells can purchase a remote access Trojan (RAT) attack for $20-$50. Or, if they prefer a do-it-yourself approach, manuals that explain how to launch hacking attacks are available for as little as one dollar.

A volume business

No one is getting rich off of selling a $30 identity. For hackers, it’s all about volume.

The result is that every individual user’s account and every business, which contains sensitive personal information, is a target.

For instance, while it wasn’t necessarily the end goal of the Sony Pictures hack, employees’ identities were among the collateral damage that was leaked online.

Make sure users know they’re probably going to be the target of at least one attack aimed at stealing personal information, be it phishing or another form of hacking. They should keep antivirus up-to-date and know the signs of a phishing attack.

And to be good stewards of your users’ personal information, make sure you have any personal information isolated from the rest of your systems. It won’t prevent every leak, but an extra layer of password protection could be enough to keep users’ identities safe.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy