What’s troubling is that hundreds of thousands of Australian card details are being sold on the black market for as little as $1.40. Here’s what you can do to stay safe.
More than 400,000 Australian bank card details have been found on the dark web, with some selling for less than $1.40.
Research from software provider NordVPN revealed more than 4.4 million payment cards available for purchase from 140 countries, with Australia being the second most affected country behind only the US.
What’s troubling is that there were 1.5 million cards on sale from the US, while 419,000 Australian cards were also up for sale on the dark web for between $1.40 and $26.
About 80 percent of Australian cards for sale were for debit, which generally has a lower level of security than credit, while Australia was considered the second most vulnerable to card fraud after only Hong Kong.
Meanwhile, the most stolen Australian card details came from Visa with around 220,000 sales, followed by MasterCard with 192,000 affected, and American Express with 9000.
NordVPN chief technology officer Marijus Breedis said that while hackers can easily make a lot of money, there has been a huge increase in card fraud since 2014.
“Even if a card costs only US$10 on average, a hacker could earn $40 million selling a single database, as we analyzed,” he said.
He added that the database breach was not just happening because of poor security, but that the hackers were actually using “brute force” in some instances.
“Brute-forcing is like guessing. Think of a computer trying to guess your password. First, it tries 000000, then 000001, then 000002, and so on until it’s right would go,” he said.
“Being a computer, it can make thousands of guesses a second. After all, criminals don’t target specific individuals or specific cards. It’s all about guessing any viable card details that work to sell Is. “
Rarely, this method means consumers have no way of preventing themselves from falling victim to card fraud except by throwing them in the bin and not using them.
Instead, Mr. Byredis recommended that people review their monthly statement for suspicious activity and respond promptly and seriously to any notices from their bank that their card may have been used in an unauthorized manner.
“Another recommendation is to have a separate bank account for different purposes and only keep a small amount of money on the one that is linked to your payment card,” he said.
“Some banks also offer temporary virtual cards that you can use if you don’t feel secure when shopping online.”
He also advised people to use multi-factor authentication, such as a code being sent to your mobile or even a fingerprint.