Fraudsters on the dark web could buy your entire personal identity for just £820, according to the UK’s first Dark Web Market Price Index by Virtual Private Network (VPN) comparison service Top10VPN.com.
Bank account logins, passport details and even access to your Netflix account are worth money to bidders on dark web markets – but the low price point of this information will spark concerns that valuable personal details are all too readily available to would-be swindlers online.
The average person has dozens of accounts that make up their online identity – all of which can be hacked and sold. Top10VPN.com’s team of security experts reviewed tens of thousands of listings on three of the most popular dark web markets, Dream, Point and Wall Street Market.
The research found that while bank details will fetch in the vicinity of £168 and Paypal logins around £280, many important personal details are changing hands at a much lower price point.
Dark web bidders can get hold of your passport details for as little as £40, while access to online shopping accounts such as Amazon and Tesco are rarely worth much more than £5. Even eBay accounts with their broad scope for fraud fetch just £26 on the dark web.
Vital communications services, like Skype and T-Mobile, are worth considerably less than a tenner each. With these details, fraudsters could send messages containing phishing links to trusted contacts or get around security features that rely on SMS verification.
On the dark web, even logins to dating sites like Match.com are valuable, and tend to earn bidders on average £2.24 – allowing criminals to ‘catfish’ potential matches, sparking up relationships to manipulate people for financial gain.
The following table details the cost of personal information and the reasons they fetch what they do on the dark web – a full table is below[1]:
| Personal Information Category | Average Value on Dark Web | Sales price explained |
| Paypal login | £279.74 |
By far the most commonly listed items. Sale prices tend to be worth around 10% of the available credit balance. |
| Online bank details | £167.81 | |
| Passport | £39.76 | Digital proof of identity can be used to setup lines of credit. |
| eBay login | £26.20 | Allowing fraudsters to dupe buyers into sending them money for fake listings, and also buy expensive goods with the owner’s funds to intercept and sell-on. |
| Netflix login | £5.99 | A route to identity fraud, giving criminals the bonus of being able to stream content for free. |
| Uber login | £5.02 | There have also been reports of Russians using hacked Uber accounts to run up big bills for Uber journeys the true owner has never taken, sometimes on the other side of the world. |
| Deliveroo login | £3.74 | Fraudsters can use hacked food delivery accounts to order takeaways and drink – satiating their appetite for crime. |
| Skype login | £3.00 | Compromised Skype accounts allow scammers to send ‘phishing’ links to trusted contacts. |
| Match.com login | £2.24 | Stolen details can be used for ‘catfishing’, where you mimic a person’s identity to engage in a relationship to exploit them financially. |
| Instagram login | £0.92 | Pictures of food porn aside, Instagram can provide a good backdoor to identity theft. |
Despite the importance that some attach to sharing sites, social media accounts such as Twitter and Instagram are amongst the least valuable on the dark web – although they do provide a useful backdoor to fraudsters planning to commit identity theft.
Simon Migliano, Head of Research at Top10VPN.com, says: “It might come as some surprise that on the dark web your entire personal identity can be bought for significantly less than the price of a new iPhone X.
“There’s a real concern that with such valuable information changing hands so cheaply, there’s nothing to prevent would-be fraudsters from buying up much as they can in the hope of striking it lucky and draining victims’ bank accounts and credit lines.
“What’s interesting though is that everything seems to have a price on the dark web. This is because it’s not just hacked Paypal accounts and credit cards that represent opportunities for fraud. Many other online accounts contain enough personal info to enable identity theft. It’s also increasingly normal to store payment details in online shopping accounts.
“Some of the accounts we found for sale open the door to even more ingenious scams. A hacked Airbnb account, for example, could allow a scammer to pocket hundreds in booking fees or even stay at high-end properties as a guest and burgle the hosts. At less than £6 initial outlay, that’s very appealing to a cybercriminal.
“Our research is a stark reminder of just how easy it is to get hold of personal info on the dark web and the sheer variety of routes that fraudsters can take to get hold of your money. This really underlines the importance of two-factor authentication and more generally, secure use of websites and apps.”
