After WiFi-wpa2 was broken, global WiFi users began to panic. I am afraid that my data will be stolen in the next second. Do we know why hackers want to steal our data and what is it used for?
At present, identity theft is a gold mine for cybercriminals. In 2016, such crimes reached an all-time high, with losses of up to $16 billion caused by identity fraud and misappropriation. Most people have realized that due to frequent information leakage incidents in the past few years (such as the Yahoo incident in the second half of 2016 and the recent Equifax data leakage incident), the number of identity theft cases will increase in the future. Although identity theft itself is also harmful, its true physical damage is usually manifested after an attacker uses the stolen information for malicious purposes.
Identity theft can have devastating consequences for users, especially when attackers start to target important aspects of their lives – such as insurance, banking, credit cards, and more. Many users don't actually know that they are already threatened, and they are often surprised when they encounter identity theft or fraud.
However, we can't help but ask, where did the stolen information flow? Are they selling in the underground market? Will it be bundled with other stolen information for sale to legitimate companies (like big data analytics and advertising marketing)? Still being used to pay for fraud? Before we delve into the final destination of these stolen information and data, let's first look at how the information was stolen.
1. How is information stolen?
Although high-profile news reports will make us mistakenly believe that hackers are the main reason for information leakage, according to a survey report we have done before, titled "The Reasons for Decrypting Data Disclosure", from 2005 to 2015. Loss or theft of equipment during the year is actually the main cause of information leakage (41%). The second reason is hacking or malware (25%); then unintentional disclosure (17.38%), internal disclosure (12.01%), payment fraud (1.43%), and other unknown reasons.
Second, what did the hacker do with the stolen information?Usually, depending on the type of stolen information, the final flow will also be different. Here are some specific examples of what happens after data is stolen:
Personally identifiable information
Personally idenTIfiable informaTIon (PII) refers to data that can be used to identify, locate, or associate with a particular individual. PII specifically includes name, date of birth, address, social security number, telephone number, and all other data used to distinguish or identify an individual.
PII is the most likely type of data to be stolen, and cybercriminals have a high degree of flexibility in how to use PII. Attackers can often conduct malicious attacks directly on victims, provide fraudulent income tax returns by using loan or credit card information in the name of the victim, and apply for loans in the name of the victim. On the other hand, when these PIIs are sold to marketing companies or companies that specialize in spam campaigns, victims are also indirectly affected by spam/advertising emails and harassing calls.
2. Financial information
Financial information is relevant data used in personal financial activities. This includes bank information, billing accounts, insurance information, and other data that can be used to access accounts or process financial transactions.
When this information is stolen, it may greatly threaten the user's property security. Cybercriminals can use stolen financial information for simple malicious attacks, such as paying bills, conducting fraudulent online transactions, and transferring victim bank assets. More professional cybercriminals and organizations may even make fake credit cards for their own use.
3. Medical information
Medical information refers to data related to personal medical services. This includes medical records, medical insurance, and other related information.
Medical health information is similar to PII information because they contain a large amount of information that can be used to identify a user's personal identity. In addition to revealing the identity of users like PII, medical information can be used in some countries to purchase prescription drugs that are not available at the counter. As a result, drug abuse may result, especially when it comes to drug-related prescription drug policies.
4. Education information
Educational information refers to data related to individual educational records, including transcripts and school records.
While educational information cannot have immediate consequences like financial information, it also places users in potential extortion or fraud threats. Attackers can use educational information to threaten or trick users into meeting their requirements. At the same time, cybercriminals can use this information to disguise students or officials of academic institutions to conduct phishing attacks or social engineering activities.
5. Payment card information
Payment card information refers to information related to data in a personal payment card, including credit card and debit card data and other related information.
These data are similar to financial information because it also directly affects the financial security of the user. However, payment card information may be more dangerous than financial information because it can be used for online transactions and payments/transfers. All in all, financial information and payment card information are closely related to each other.
6. User credentials
User credentials refer to user digital or online account credentials, certificates, and other data, including the username and password of the email account and other online shopping login credentials.
Stolen user credentials can be more dangerous than PII theft because it exposes the victim's online account and puts them at risk of being used maliciously by the attacker. Email is often used to authenticate user credentials or store information from other accounts, so affected email accounts may lead to further identity theft and fraud. Email and social media accounts can also be used to create spam and phishing attacks, while other cybercriminals may use stolen accounts to espionage or steal the intellectual property of the user's organization.
According to our research, there is evidence that these types of information are interrelated. If one type of information (such as medical health information) is stolen, the likelihood of other types of information being compromised increases.
For example, if a cybercriminal manages to master a user's email credentials. For the victim, unfortunately, the email also contains invoice information for the bank card billing information, so that the criminal can access the bank information and apply for any loan that can be applied for in the name of the victim. . If the email also contains the user's Facebook account information, and the password set by the social networking site is also consistent with the password of the user's email account, the criminal can access the social media account to obtain more personal information of the victim. Through repeated attacks, an attacker can obtain a wide range of information sufficient to perform multiple types of identity scams.
3. How much is the value of personal information?In a previous survey we conducted, we asked more than 1,000 respondents worldwide to evaluate the value of their personal information. The results showed that respondents valued their passwords the most:
PII does have real monetary value in the underground market, where the price of these stolen information depends on their availability to the fraudster, the greater the availability, the higher the value, and vice versa. Through the analysis and research of cybercrime data in the underground market, the value of the stolen data we obtained is as follows:
PII data is usually in a single unit and is priced at $1 each;
Complete credit card information with a high credit rating, priced at $25 per copy;
A full set of scanned documents, including passports, driver's licenses, utilities bills, etc., each scan file is priced at $10-35;
In the dark network, the login credentials of various banks around the world, the price of a single account is 200-500 US dollars;
In the United States, the accounts of various mobile phone operators can be sold for up to $14 each;
Mature PayPal and eBay online trading website accounts (accounts with trading history) are priced at up to $300. Accounts with high maturity are unlikely to be flagged as suspicious transactions.
Fourth, how to mitigate the threat of identity theft?Because identity theft is widespread, users and organizations must be careful about all personal information, whether it is personal to the user or a member of the organization. Here are some ways to mitigate or even prevent identity theft:
Implement strong security measures for devices: Users can deploy anti-theft protection measures to ensure that data stored on their devices is not easily accessed or accessed by attackers;
Don't click on suspicious links, programs, or applications: Users must be wary of any suspicious emails and messages sent from untrusted sources, and don't easily click on links or attachments;
Limiting the visibility of personal information on the web: While some users prefer to share their personal information on the web, they must be kept to a minimum.
High voltage Component - Resistor, High Voltage Compoment - Capacitor, HV Film Capacitor for Power Supply
XIAN STATE IMPORT & EXPORT CORP. , https://www.shvcomponents.com