According to the study, Spain was the fourth most affected country in Europe, while France, the United Kingdom and Italy were the countries with the most hacked cards. And it is that since 2014 a constant increase in bank card fraud has been detected around the world. Hackers do not give up and keep trying to get the bank and personal data of millions of users.
78,654 Spanish bank cards leaked
“Since 2014 we have been seeing a steady increase in bank card fraud around the world, so we decided to investigate how much a bank card costs on the dark web, and why there is a booming underground black market for them,” says Marijus Briedis , CTO of NordVPN. “The answer is that hackers can easily make a lot of money from these types of attacks. Even if a card costs only $ 10 on average, a hacker can earn $ 40 million selling a database like the one we have analyzed. “
As we have already commented previously, 78,654 of the hacked bank cards belong to people in Spain of which more than half (46,493) are Visa, followed by Mastercard (31,247) and American Express (878). The prices of uncovered Spanish bank cards ranged from $ 1 to $ 24. Although the vast majority (23,080) of bank cards cost around $ 19. After this analysis, the average price of all the cards found was 12 dollars and 57 cents. What’s more, debit cards They were more likely to be hacked in Spain, since 66.83% of discovered cards are debit cards, and only 33.17% are credit. In addition, the most expensive cards on the dark web were found in Hong Kong and the Philippines (about $ 20) and the cheapest in Mexico, the United States and Australia with prices starting at one dollar.
The United States, the country most affected
The most affected country in the world was the United States: 1,561,739 of the 4,481,379 bank cards found for sale belonged to Americans. Behind America and in second place the most affected country was Australia, with 419,806 cards discovered for sale on the dark web.
Although the vast majority of the cards on sale come from these two countries, this does not have to mean that they are the most vulnerable. According to NordVPN research, the vulnerability It depends on factors such as the proportion of non-refundable cards, the population of the country, and the number of cards in circulation.
“For example, considering the large number of refund cards available, US cards can be more reliable. But even so, a large number of them were found to be hacked on the Internet because in this country there are a greater number of credit card users, ”explains Marijus Briedis.
To calculate the risk index, NordVPN’s study compared the card data with United Nations population statistics and the number of cards in circulation from Visa, Mastercard, and American Express. In this way, the probability by country that the cards are available on the dark web can be compared more directly.
In the case of Spain, the risk index was estimated at 0.37. The most vulnerable region in the world turned out to be Hong Kong with a maximum risk score of 1. Australia (0.85) and New Zealand (0.8) followed. On the other hand, the least vulnerable score of 0 was only obtained by the Netherlands. The risk index of the rest of the countries can be check here.
Brute force attacks on the network
“Increasingly, card numbers sold on the dark web are obtained through brute force attacks. Brute force attacks work a bit like divination. Think of a computer that tries guess your password: it will first try a key like 000000, then 000001, then 000002, and so on until it gets it right. Being a computer, it can make thousands of assumptions per second, “explains Marijus Briedis, CTO at NordVPN.” At the end of the day, criminals do not go after specific people or point to specific cards: they only try to guess any detail of the card that works to sell it online ”.
The truth is that there is little that users can do to refrain from these threats, unless they decide to completely stop using their cards. Most important of all, we must never let our guard down.
“Check your monthly statement for suspicious activities, and respond promptly and seriously to any notice from your bank that your card may have been used in an unauthorized manner. Another recommendation is to have separate bank accounts for different purposes, and keep only small amounts of money in the account where your bank cards are connected. Some banks also offer temporary virtual cards that you can use if you don’t feel safe shopping online, ”recommends Marijus Briedis.
Some aspects that we have to take into account regarding our financial security are the following:
Strong passwords
Payment systems, as well as access to accounts or emails must always have strong passwords. Using a strong password that alternates uppercase, lowercase, symbols, and numbers will make it more difficult for cybercriminals. Those responsible for the study recommend having a password manager.
Two-step verification
Two-step verification is becoming the least we need to do to protect ourselves from attacks. If our bank offers it, it is best if we have it active. The verification using a different device, which is usually our mobile phone, a textual code, a fingerprint, another security measure, is an important step so that our most personal data is not affected.
Security and fraud detection systems
These systems can detect cases where scammers have been successful. Banks use tools such as AI (Artificial Intelligence) to track payment attempts and rule out possible attacks. Pressure is also being put on payment systems for online merchants.