Password. (Duncan Alfreds, Fin24)
Cape Town – Stolen accounts for online services like Uber are worth more than credit card information on the 'Deep Web', a security company has found.
According to a report by Trend Micro, stolen Uber accounts are traded for an average of $3.78, more that credit card numbers which average between $1 and $3.30.
“PayPal accounts were sold at $6.43 (R102.51) with a guaranteed balance of $500 (R7 971.28), Facebook accounts go for about $3.02 (R48.15), Google Voice accounts for 97 cents (R15.46) and Netflix accounts for a mere 76 cents (R12.12),” Trend Micro said in a statement.
The Deep Web is different from the visible internet because it remains hidden from search engines and is not indexed. It is larger than the visible web and often used by people who engage in illicit activities.
“Cyber criminals have cottoned on to the ways they can use stolen Uber accounts to make money. A stolen Uber account can be used to gain a better view of an individual prior to identity theft, or they can charge what CNBC termed ‘phantom rides’ to the stolen accounts,” said Darryn O’Brien, country manager at Trend Micro Southern Africa.
READ: SA active on the Deep Web
Multiple media reports in 2015 said that compromised Uber accounts were being sold in China as the company races ahead with global expansion.
O’Brien said crooks are expanding their reach into personal data to make money.
“Cyber criminals are finding new ways to gain access to personal information that can make them money, and this just happens to be one of them, so users need to be aware.”
Online security firm SplashData recently revealed in its fifth annual report that the most common password was “123456”, unchanged from 2011.
O’Brien advised internet users to ensure basic security practices to thwart criminals.
“Using one password for all social media accounts is dangerous. End-users need to mix up their passwords and change them often. In addition, they should make themselves familiar with all security precautions offered by social media sites and make their security settings robust.”
- Follow Duncan on Twitter