If you’ve never seen a fraudulent charge on your credit card statement, consider yourself lucky. It’s no secret that card data is bought and sold on the Dark Web, but the scale and ease of this trade could be worse than you imagine. A new report from NordVPN puts it into perspective.
Nord didn’t go to a Tor server and download a bunch of illegal databases full of credit card numbers (we take it on faith). But he teamed up with anonymous cybersecurity researchers who were evaluating those databases — one in particular had obtained 4.5 million credit card statements. But that data was stripped from what Nord worked with. North then calculated a risk index for every country in the world, mapped above. The closer your country is to a 1 on the index, the more likely your map is to already be available on the Dark Web.
It’s easy to see that the United States is far up there, with 1.6 million card numbers for sale, the most of any country. Nord went further and broke it down by state.
The numbers are quite high in the well-populated states of California, Texas, Florida and New York. The more cards you have, the higher your risk, of course.
In particular, Nord discovered that the average cost of obtaining a credit card statement is $10. The price seems low, which might make you feel even worse. But the worst part is that the price can still bring a hacker a lot if he has hundreds, thousands or even millions of card numbers to sell.
Dark Web listings are no longer compiled solely from massive data breaches. Some card information is “brutally forced”, which is more like highly educated guessing to figure out the numbers on a card. It’s easier than it looks: Nord provides an interactive diagram explaining how it works. For example, bad guys don’t have to guess all 16 digits – most of the first four digits on cards are identifiers for the type of card (Visa always starts with 4, for example) and the bank that issued it. . A smart enough criminal can crack an account like this in about six seconds, and that includes guessing the three-digit code on the back of the card.
The point to remember is that even if you are never the victim of theft or a breach, your cards are at risk, including your debit cards. The best option is to stay alert. Carefully review your statement each month for any potentially fraudulent activity. Banks are also increasingly using fraud detection systems, so don’t be shocked if your card company calls to inquire about out-of-the-ordinary purchases on your account, or charges you make while traveling. . It’s all part of the constant fight against fraud.
Read the full report at NordVPN.com.