Criminals are stealing people’s identities to use to commit fraud, a Johnston Press investigation into cybercrime has revealed.
Today, AASMA DAY looks at the shocking number of stolen identities from Lancashire for sale on the criminal underground market.
We’re used to the banks picking up the credit and debit card losses, we don’t see the downside to ourselves of being careless with our personal information.
Cyber hackers could be trading the details of nearly 420,000 people in Lancashire on the Dark Web in a bid to extort them for cash and goods, research from a specialist data firm has found.
Read more from today’s cybercrime investigation here...
Across the Lancashire postcode, the personal data of 419,074 people is listed for sale on the underground marketplace.
The illicitly obtained data - from e-mail addresses and pictures to passport numbers and credit card details - is listed for sale on the areas of the internet which are encrypted and hidden from ordinary search engines.
In the Blackpool and Fylde area, the number of stolen identities found on sale on the Dark Web by postcode area are: 10,677 in FY1, 6,434 in FY2, 10,698 in FY3, 13,736 in FY4, 5,117 in FY5, 2,893 in FY6, 7,999 in FY7, 4,423 in FY8, 6,781 in PR3 and 7,100 in PR4.
Personal data has become one of the fastest growing tradeable commodities online. If criminals eventually gather enough information about an individual, they have the potential to open credit cards in their name, buy goods and transfer money.
Experts say fraudsters target people with low levels of security and those who do things like accessing their bank account details when using public WiFi.
The Johnston Press Investigations Unit has teamed up with London data firm C6, to reveal a picture of the booming identity trade among the criminal underworld.
The data firm employed expert staff to track the number of identities being sold on the dark web, with people’s email addresses and names traded through encrypted chat rooms.
“As consumers we have never really paid the price for fraud,” said Emma Mills, chief operating officer of C6, which runs the hasmyidentitybeenstolen.com website.
“We’re used to the banks picking up the credit and debit card losses, we don’t see the downside to ourselves of being careless with our personal information.”
Ms Mills says the spiralling amount of people at risk of being defrauded needs to act as a wake up call.
“We don’t clearly understand the impact of having our identities compromised and how long and painful it is to re-build that genuinely.
“It causes problems with applying for credit or any other form of account.”
Often the online marketplaces sell only partial information about an individual. One site allowed users to bulk purchase Paypal accounts for one US dollar per account.
The store, which also purported to sell EBay accounts, offered an 80 per cent working guarantee.
On its own, a person’s streaming service account details could be seen as innocuous, But profiles can then be ‘enriched’, often over a series of months, or even years.
Once the identity is rich enough, fraudsters can open credit card accounts in a person’s name, buy goods and transfer money. They can also sell on the so called -’full person profile’ in bulk.
C6, owned by Acuris, has been researching this type of data since 2002 and works by updating a database of known records being traded in the far reaches of the Dark Web.
Its website, hasmyidentitybeenstolen.com, allows users to see whether their address or data has been compromised.
Tomorrow, we look at cybercrime and criminals operating on the Dark Web.