14 DAY TRIAL // Since the credit cards contain so much information about your money, an important part of today's attacks are obviously targeting them as the hackers aim to steal users' credentials and get access to their accounts. Gunter Ollmann of Frequency X wrote that along with credit cards and identity info, the passwords are the subjects of numerous online transactions being sold for very low prices. Moreover, the security researcher reminded of a 2004 survey which revealed that approximately 70 percent of the respondents would provide their passwords for a chocolate bar, so the naivety of the users bundled with low security can result in successful attacks.
"What if I was to tell you that, today, your password is worth something less than four cents?" Gunter Ollmann wrote. "Hidden in the murky parts of the Internet there are exchanges for passwords and other identity information. Accessible through various invite only bulletin boards and IRC channels, identity information is sold or, more commonly, exchanged for goods and services. ?Identity? itself is now a form of currency."
An earlier conducted study made by the same security researcher revealed that credit cards credentials can be bought for very low prices that can give you access to many stolen accounts. Very often, these credit cards are sold in packs of about 100+ pieces which can be acquired for as much as $1 per credit card.
"A list of 2,000 credit cards (which includes card number, name, issue/expiry date, CVV2 code and magstripe data) is worth about 40 standard identities (i.e. name, address, phone number, social security number, date of birth) or around 5 complete banking identities (i.e. all of the above, but also includes mother?s maiden name, bank account number, account password) ? depending upon the bank the identity theft victim is with. Cracks and keygens to the latest software or warez can similarly be exchanged for identity information. It?s a little bit like those packs of cigarettes being traded in prison movies," Gunter Ollmann continued.
So, next time somebody offers you a chocolate bar instead of your passwords or credit card information, don't be so naive to give it to them. Just think that you can buy many more chocolate bars with the money stored in your account...