If you've never seen a fraudulent charge on your credit card statement, consider yourself lucky. It's no secret that card data is bought and sold on the Dark Web, but the extent and ease of this commerce might be worse than you imagined. A new report from NordVPN puts it in perspective.
Nord didn't go to a Tor server and download a bunch of illegal databases full of credit card numbers (we're taking it on faith). But it did partner with some unnamed cybersecurity researchers who were evaluating these databases—one in particular had obtained 4.5 million credit card records. But that data was redacted from what Nord worked with. Nord then calculated a risk index for every country in the world, mapped above. The closer your country is to a 1 on the index, the more likely your card is to be available already on the Dark Web.
It's easy to see that the United States is way up there, with 1.6 million card numbers for sale—the most of any country. Nord went further and broke it down by state.
The numbers are quite high in the well-populated states of California, Texas, Florida, and New York. The more cards you have, the higher your risk, naturally.
Among the things Nord found is that the average cost of getting a credit card record is $10. The price seems low, which might make you feel even worse. But the actual worst part is that price can still net a hacker plenty if they have hundreds, thousands, or even millions of card numbers to sell.
Dark Web lists aren't compiled only from massive data breaches anymore. Some cards info is "brute forced," which is really more like highly educated guessing to figure out a card's numbers. It's easier than it sounds: Nord provides an interactive diagram explaining how it works. For example,
Read more on pcmag.com