Data breach investigations have revealed a new shift in the hacking landscape, criminals are going after your passwords with a vengeance.
Passwords give hackers the “keys to the kingdom” when it comes to getting past standard cybersecurity measures to access cloud accounts, email accounts, and sensitive data.
According to the 2020 Verizon report on data breaches, credential theft has become the #1 type of information that is gone after in phishing emails.
This is often done via a phishing email that links the victim to a fake login form for Microsoft 365, an online banking site, or another account. The hacker then steals the login credentials as soon as they’re entered.
Password theft is responsible for 77% of cloud account breaches.
Why are hackers going after passwords as a main target? Because they’re very lucrative and they can get thousands, even millions of them in a one data breach.
For example, in April 2020, video conference service Zoom was the latest large company to fall victim to a data breach. Hackers made off with over 500,000 account logins for the platform.
Considering that people tend to reuse passwords across different accounts, that one Zoom password being stolen could unlock a person’s Amazon account, online banking account, or business email account.
And hackers know this, that’s why stolen passwords are a hot commodity on the Dark Web.
How Much Can a Hacker Get on the Dark Web for Your Password?
Here’s an example of how much stolen emails and passwords can be sold for on the Dark Web. Multiply this by hundreds of thousands obtained in a breach, and you can see how it’s such a lucrative business for cyber criminals.
Typical price on the dark for login credentials:
- Hulu Account: $2.75 each
- Netflix Account: $1.00 to $3.00 each
- PayPal Account: $1.50 each
Many businesses put protections in place like anti-phishing software and user awareness training on password security, which are both smart protections. However, when a cloud account vendor like Zoom is hacked, your password gets stolen, no matter how well you’ve protected it on your end.
This is why it’s important to also use Dark Web monitoring to keep an eye out for any chance that your personal or business emails have been compromised.
Why Should You Consider Dark Web Monitoring?
Dark Web monitoring is a service that looks for any sign that your password, email address, or other personal information are up for sale on the Dark Web.
While the Dark Web is a vast place, monitoring services typically look in the most commonly known marketplaces and scan vast directories for any potential sign of your data.
In addition to taking precautions to protect your accounts and passwords from breaches, using a Dark Web monitoring service can help you get a heads up as soon as any of your company or personal data is found up for sale. This allows you to take action.
Here are several of the benefits of using Dark Web monitoring.
It Lets You Know About a Breach as Soon as Possible
If your login credentials with a service you use have been breached in a hack, you may not find out about it until several months later.
In the case of CafePress users, the company’s database of user information was breached in February 2019, and impacted users didn’t receive a notification via mail until September, over 6 months later.
Dark Web monitoring can let you know if your password is found for sale long before you may even be notified by a company that it’s been breached.
Provides Immediate Alerts
You can get immediate alerts if logins related to your business domain are found for sale on any of the scanned Dark Web marketplaces. This allows you to take action right away to both check accounts for compromise and change any impacted passwords.
Provides an Additional Layer of Security
Any good cybersecurity strategy has several layers, and using Dark Web monitoring adds another important one. It can help you identify threats that may have happened outside your own IT security environment to a vendor or cloud service provider you use.
The average time to detect and contain a data breach is 280 days. So, your own accounts can be left at risk before a vendor that was breached is even aware your account login was stolen from their database.
Dark Web monitoring doesn’t leave you relying on their notification before you are aware of a compromise of your passwords.
Ask ProdigyTeks How You Can Get Dark Web Monitoring
Dark Web monitoring can watch for all types of sensitive information, including login passwords, SSNs, FEIN, and credit card information. Stay in the know by getting alerted if any of your data is for sale.
Schedule a free phone consultation today! Call 312-600-8357 or reach us online.