What Is The Dark Web?
The dark web is a chunk of the internet that is not indexed by search engines and initially requires specific software and configurations for access. This hidden network allows users to browse anonymously and sometimes conduct illicit activities. The dark web is often associated with criminal undertakings like selling weapons, personal information, and illegal drugs and is used by people who want to remain anonymous. Due to its anonymous nature, it can be difficult to track and monitor activities on the dark web.
How Do Hackers Do Credential Stuffing?
As the world has turned digital in the past decade, online transactions are now the most common and excellent target for dark web hackers. Buying and selling personal information is the most common transaction on the dark web.
There is a certain price point for credit cards, crypto accounts, eCommerce platform logins, personal email logins, and others. What hackers do is, they create databases of stolen login information and then use that information on other websites and try to log in to people’s online accounts, such as bank accounts, to steal money or identity. If they cannot get in with a certain password, they try different variations of the password until they can ‘break in’ into a certain account. Furthermore, if the combination is not working for a person’s Google account, it might work on their bank account, which is how they check and sell the login information. This is known as credential stuffing.
This dark hole goes even deeper, as hackers have a certain price list for different sorts of information. How much is your Email login information worth?
According to ExpressVPN, there is a specific price for different email platforms. A U.S. Gmail account can be sold for $65 on the dark web. An Outlook one can be sold for $55, an iCloud account for $40, and so on.
According to Verizon’s 2022 annual data breach report, 86% of personal information breaches occur due to money theft, and cybercriminal groups organize 55%.
One would ask, what do hackers do with such limitless information? Simply put, they create databases to keep a list of email login information and find a way to monetize that list. It is a matter of algorithms, whether by selling people’s information on the dark web or simply using it themselves. If a hacker figures out that your email login information is the same as your bank account, they might make online purchases, withdraw cash from your bank account, obtain new credit cards, etc.
Our simple human behavior is the main thing that pops up as an answer to how they easily access our personal information. People use simple passwords, such as the date of their birthday or their children’s birthdays, and they use one password for different accounts, from email to bank and online shopping accounts. This is why many secure sites will ask their user to think of a ‘hard’ password with letters, numbers, caps lock, and even punctuation signs. There might not be a certain need for you to be scared of getting your account hacked, but it is always better to be safe than sorry, so while registering online, make sure to use completely different passwords instead of variations of one. This way, even if someone gets into your email account, you will be sure they cannot get into any other account you may have on the vast internet.