PANAMA CITY, Panama–New research by NordVPN that analyzed more than four-million card details available on the dark web found 1.5-million of those belonged to Americans.
The average price of all the found cards was $9.70, while the average price of an American card was $5.80.
The second most affected nation was Australia, with 419,806 card data researchers discovered for sale on the dark web, while 399,537 hacked payment cards belonged to people from Hong Kong.
More than a half (913,955) of all the discovered payment cards coming from the U.S. were Visa, followed by Mastercard (406,851) and American Express (143,836), according to NordVPN.
“Since 2014, we have been seeing a constant growth in payment card fraud around the world. We decided to look into how much a payment card costs on the dark web and why there’s a booming underground black market for them,” said CTO Marijus Briedis. “And the answer is that hackers can easily make a lot of money. Even if a card costs only $10 on average, a hacker can make $40 million by selling a single database, like the one that we analyzed.”
Vulnerability Factors
“Even though the biggest number of card details found for sale were from these three countries, this doesn’t mean that they are the most vulnerable,” the company said in releasing the findings. “According to the research, the vulnerability depends on factors like the proportion of non-refundable cards (if a card is refundable, the owner can be reimbursed in case of being scammed), the country’s population, and the number of cards in circulation.
“For example, taking into account a large number of cards with refunds available, U.S. cards may be more reliable. But there was still a big number of them found hacked on the internet because of the greater number of credit card users in this country in general,” Briedis added.
The ’Risk Index’
According to NordVPN, its researchers compared the card data between countries with the United Nations’ population statistics and the number of cards in circulation from Visa, Mastercard and American Express to calculate a “risk index” and compare more directly how likely people’s cards are to be available on the dark web by country.
NordVPN said America’s risk index was estimated to be 0.34, while the most vulnerable country was found to be Hong Kong, with a maximum possible risk score of 1. The second most vulnerable was Australia (0.85), followed by New Zealand with a score of 0.8. The least vulnerable score is 0, and it was attributed only to one country — the Netherlands.
‘Little Users Can Do’
What kind of assurances can credit unions provide their members?
According to NordVPN, there is “little users can do to protect themselves from this threat, short of abstaining from card use entirely. The most important thing is to stay vigilant.”
“Review your monthly statement for suspicious activity and respond quickly and seriously to any notice from your bank that your card may have been used in an unauthorized manner,” said Briedis. “Another recommendation is to have a separate bank account for different purposes and only keep small amounts of money on the one your payment cards are connected to. Some banks also offer temporary virtual cards you can use if you don’t feel safe while shopping online.”