Our personal information has real value on the dark web because it can be used fraudulently in various ways to make a profit at your expense. Some of the most common scams are listed below, organized by type of account hacked.
Hacked Skype accounts have previously been used to spam people with phishing links that mimic LinkedIn and Baidu posts.
Another common scam involves exploiting mobile carriers to bypass two-factor authentication and gain access to bank accounts.
Scammers have been caught setting up complex schemes involving stolen Paypal and eBay accounts that they use to purchase expensive electronics. A hacked DHL account could be the missing piece of the puzzle that would allow them to get their hands on the goods, which would typically be resold.
Connections to everyday services like Netflix and Spotify primarily provide a route to potential identity theft, as it remains so common for people to reuse their passwords.
By obtaining a set of valid credentials, hackers use software to automate the verification of this connection against thousands of other online services. This is called “ID stuffing”. The results will either be used for identity theft or sold on the dark web for a profit.
An added bonus is that opportunistic criminals can also stream TV shows, movies, and music for free, at least until the real owner notices that their account has been compromised.
Pirate Spotify the accounts can also be used in click fraud. A Bulgarian scammer notoriously played the Spotify royalty system in 2017 to pocket $ 1 million, however, there is evidence that similar programs continue to work using compromised Spotify accounts.
These services have an added appeal for hackers: In addition to the possibilities of identity theft and scanning of stored credit card information, they can also profit from costly explosions, often with high-end alcohol. driving up the bill, for someone else’s penny.
Accounts for services like Fitbit are a potential treasure trove of intimate personal information and health data downloaded from users’ portable devices. Compromised account owners even become vulnerable to burglary or home invasion once criminals have access to live and historical GPS location data.
Pieces of identity
Genuine physical identity documents, such as passports and driver’s licenses, are extremely valuable for identity theft. Typically, this means fraudulently opening lucrative lines of credit on behalf of the passport holder, which then quickly run out, leaving the unwitting victim with huge debt.
Stolen documents of this nature – intercepted in the mail, for example, or stolen and sold to criminals by corrupt officials – sell for a high price.
Passport scans only sell for a fraction of the price due to their digital nature and the increased risk of not being accepted.
Accounts from brands like Amazon and Bestbuy are popular with scammers thanks to the prevalence of multiple stored payment methods, typically credit and debit cards. They can not only buy a huge range of big-ticket items to resell, but also high-value gift cards to use on their own account.
The scale and impersonal nature of Amazon and big box store operations also make them attractive to scams.
Hacked eBay accounts are also particularly attractive because not only do they allow criminals to trick buyers into sending them money for fake ads, but also buy expensive goods with the account owner’s funds to intercept them and resell them.
Scammers also buy eBay accounts in the hope of gaining access to associated PayPal accounts.
Stolen credit and debit card data, along with online bank and payment account details, have long been the most popular items for sale in dark web markets. The allure of high account balances to cash and access to new lines of credit naturally allows these items to consistently command the highest prices.
A worrying new trend is to bundle hacked debit card data for high balance accounts with SIM cards and cryptocurrency accounts. These all-in-one fraud packages allow crooks to hack SIM account  and drain the funds into the intermediary crypto account, where the stolen money is easily laundered.
Paypal has long been the favorite of crooks. High balance accounts can be hijacked directly, but since PayPal accounts are also often connected to multiple cards and bank accounts, thieves can gain access to much larger funds as well. This feature also means that PayPal accounts are also generally used as “middle man” accounts to facilitate all kinds of online scams.
Scammers with a hacked PayPal account can also try to double their money by using the funds in the account to run various well-established chargeback scams at merchants that accept PayPal.
Hacked Facebook accounts offer three avenues of profit for cybercriminals. First, they are an incredibly rich source of personal information that can be used to facilitate identity theft, such as helping criminals answer security questions.
Compromised accounts can also provide access to stored payment information used for Facebook game and Marketplace transactions.
Finally, as with most online accounts, scammers are betting that many people still reuse passwords on multiple accounts, especially those they often use like Facebook.
Compromised Airbnb accounts can be used to create bookings for homes that criminals then rob, while hosts hacked on the same app can be used for phishing.
There have also been reports of hackers altering payment details of hosts in order to steal their income.
There have been frequent reports of crooks using hacked Uber accounts for expensive trips, in place as far as Russia and Arizona. This cheeky scam is made simple by the storage requirements of a credit card or PayPal account in the account.
Access to other travel accounts, such as Booking.com, gives criminals the ability to send fake emails tricking people into making high value payments related to their travel arrangements, as well as to steal their credit card details.