Phished Credentials Flourished on the Dark Web

March 20, 2018
Anti-Phishing Services

What lies further beneath the Dark Web?

It is undeniable that the surface web itself already has tons of problems especially when it comes to security. A web that is monitored and reachable by the government and authorities where cybercrime usually happens. It is because security does not rely solely on the technology itself, it is a collaboration between the human user and the technology being used.
In our previous articles we have been talking about phishing sites, phishing modus, and malware that is always intended to steal credentials and worse information that can be sniffed beyond the usual online credentials that we are used to.

What happens to them and what is the relationship of Dark Web?

Obviously fresh credentials are often used ASAP by most hackers to take advantage of their victims’ account, whether it be buying things with hacked credit cards after encoding the track information to a cloned card, use email addresses to spread more havoc such as distributing malware or conducting spear phishing attacks.

However some hackers opt in to sell the smoothly stolen credentials of their victims to a marketplace somewhere far from the internet that most people know of, yes you got it right some stolen credentials are peddled on the Dark web, some are easy to find because there are sites that exists for marketplace activities which are already manually indexed. But most are hard to come by because dark web sites are not originally indexed and the Deep Dark Web is the perfect place to establish a member-referral only marketplace for “legitimate valid wares” unless somebody records the dark web site to a famous search engine for dark web.

Why Sell Instead of use them?

Of course there are hackers who want to secure their analogue life in the real world by making sure that they won’t get steep penalties once they get caught in the future, they can always use the defense that they are just sellers and not the hackers/users they are looking for. Using stolen credentials especially stolen credit card details are risky, because of geographic fencing  where authorities will most likely get a lead where the credit card was used.
More profit and more anonymity from the authorities, if the hacker knows how to massively hack credentials, then using the hacked credentials won’t do good due to security issues on their part. So they sell them instead around the globe through the Dark web sites, because diversifying the location of the stolen credentials will most likely distract the authorities in tracing the origin of the hacker who stole it.

What is trending?

Selling Credit card information has been seen declining in activity, however selling of some stolen credentials are still on the loose on the dark web. According to security experts millions of email credentials which belonged to the Fortune 500 companies has been leaked or being sold to the dark web, it is said that there has been an approximate total of 2.7 million Log in credentials. Can you guess where they came from? Your guess is as good as mine, with all the series of malware, spear phishing and fake websites pretending to be legitimate businesses on the surface web, it has a big chance that those information go straight to the market place in the dark web for different cybercriminals to use for. Not to mention the most basic reason why hackers can steal credentials without going too technical, is the usage of weak passwords.

About the author

Leave a Reply