>
Bank details of over 160,000 Brits are being sold on the dark web for just £4.61 each – how to keep your data safe
- Criminals are selling the bank details of more than 160,000 Britons on the dark web
- Many come with a ‘treasure trove’ of other sensitive information
- This includes home addresses, telephone numbers and social security numbers
Criminals are selling the bank details of more than 160,000 Britons on the dark web – for just £4.61 each.
Many come with a “treasure trove” of other sensitive information, including home addresses, phone numbers, and social security numbers.
Cybersecurity specialists NordVPN said victims had likely been hacked without their knowledge and were now at serious risk of identity fraud.
A trawl through illegal online marketplaces by researchers found that the UK had the most stolen card details than any other country in Europe.
They were third globally behind the US and India – despite having a fraction of their population.
Criminals are selling the bank details of over 160,000 Britons on the dark web – for just £4.61 each (stock image)
One in ten people in the UK – about five million in total – are scammed every year via their debit or credit card, previous research has found.
Victims lost an average of £833, but they are usually protected by their bank if the payment is deemed ‘unauthorised’.
In total, NordVPN found a total of 164,143 UK map data listed on the dark web.
This is almost as many as the next two largest European victims, France (97,032) and Italy (78,676), combined.
Just over half of these were debit cards and about a third were credit cards. They sold for an average of £4.61 each – a fifth lower than the global average of £5.61.
Adrianus Warmenhoven, cybersecurity expert at NordVPN, says: “The card numbers found are just the tip of the iceberg when it comes to payment fraud.
“This is a crime with a huge ripple effect and the additional information being sold makes it much more dangerous as a skilled criminal can use it to obtain more personal data.
In total, NordVPN found a total of 164,143 UK map data listed on the dark web. This is almost as many as the next two largest European casualties, France (97,032) and Italy (78,676), combined
“Once an attacker has obtained the name, home address, and email address of the victim, they can even abuse legal methods, such as using the GDPR, to proceed with identity theft or other malicious activities.
In the past, experts linked payment card fraud to brute force attacks – when a criminal tries to guess a payment card number and security code to use the victim’s card.
However, most of the cards found were sold along with their victims’ email and home addresses, which are impossible to force through brute force. So we can conclude that they were stolen using more sophisticated methods, such as phishing and malware.’
NordVPN’s Card Fraud Risk Index measures how likely payment information is to appear on the dark web, relative to factors such as a country’s population and cards in circulation – along with the risks of it being sold with additional identifiers.
The UK ranks 22nd on the index, with Malta, New Zealand and Australia the three riskiest countries.
Russia finished at the bottom of the risk index, indicating that the country was primarily a perpetrator rather than a victim of card fraud.