What cybercriminals really want to steal from you

Cybercriminals are no longer really interested in stealing your credit card information.

While a single credit card number once fetched $5 on the dark web, improved methods of detecting and fighting fraud have diminished that resale value to 50 cents, according to Justin Lie, founder and CEO of online fraud management company CashShield.

What’s selling on the black market now is account information. Consumers increasingly use their accounts to access platforms and perform tasks. Think of the mobile payment service Venmo and ride-hailing services, which are storing more data online and giving criminals unprecedented access in one fell swoop.

That bundle of information is valuable on the dark web, which made the Equifax hack so damaging. Not only were more than 147 million Americans compromised, but thieves could sell a package of interconnected personal data points to criminal buyers as opposed to a single piece of information.

Lie noted that cybercriminals will generally target whatever information will yield them the highest return.

The most valuable account information to criminals is Uber account data, which can sell for $30 each on the dark web, or 60 times what one’s credit card information goes for. The ride-hailing platform was breached in 2016, compromising the personal information of 57 million users.

There are more valuable accounts out there that could fetch up to $80 each on the dark web, Lie said, but these platforms have yet to be breached.

On Friday, Marriott announced a major data breach involving a guest reservation database at its Starwood Hotel brand that may have compromised the personal information of as many as 500 million people. Data at risk includes some payment information, email addresses and mailing addresses.