If you have ever received a spam text or email, it is likely your private details are being sold on the secretive “dark web”.
Criminals are flogging millions of people’s personal data — including email addresses, passwords, phone numbers, date of birth and even full credit card details — all for as little as 98p. The data is normally stolen by hackers targeting companies with weaknesses in their security systems. It is then sold on the dark web, the shadowy part of the internet not indexed by search engines. A total of £1.7billion has been lost to scams over the past year, according to Action Fraud.
Hackers steal such huge amounts of data that two in three people using the IPS Data Breach Checker tool have found their own private information for sale online.
Links can install viruses
The typical victim has had their email address stolen by hackers four times and their password compromised three times, says Individual Protection Solutions (IPS).
When a Sun reporter entered their personal email address into IPS’s data-breach checker, they found their details, including passwords, were caught up in nine different breaches and for sale on the web. Their private data was stolen when hackers targeted networking site LinkedIn, online file-storage site Dropbox and health app MyFitnessPal between 2012 and 2018, the tool said. Hackers bundle together all the information they have on an individual then sell it via the dark web to fraudsters, who use it to target people for scams. Criminals buy the information and use it to create “phishing” emails or texts, which look like they are from legitimate organisations.
But links in messages divert targets to websites which look genuine but trick victims into divulging further personal details or transferring money.