But while social media details can be easy for thieves to scrape, it turns out that credit card information is relatively straightforward to come by. Moreover, credit card cloning and theft are so rampant that there are 1.6 million card numbers for sale on the Dark Web. Keep reading for details on this growing problem and ways to protect your finances.

Here’s the backstory

How much do you think a stolen credit card sells for on the Dark Web? According to NordVPN, the average cost is only $10, and most come from U.S. citizens. Analyzing work from independent researchers, they released a report detailing the extent of the criminal activity. The most popular cards for criminals are Visa debit cards, followed by Mastercard and American Express. Because credit cards have some form of purchase or fraud insurance from the bank, the theft of debit card details is more devastating to the victims. The risk also increases if you have more than one card, which most Americans do. If you live in California, Florida or Texas, you must be extra cautious. According to the report, criminals stole almost 89,000 cards in California. Florida isn’t much better with 82,000 cases and Texas with 74,000 cases. The state with the lowest amount of payment cards stolen is Rhode Island. That could be due to the low population. But how do criminals get ahold of the card details? Well, there are two methods: database breaches and brute-force hacking.

What you can do about it

Brute-force hacking is essentially a complex way of guessing the sequence of numbers on the card. Unfortunately, most people aren’t aware that the numbers follow an international pattern. The first one or two numbers indicate the card type, like Visa or Mastercard. The following four numbers indicate the issuing authority. And the seventh to 15th number represents your account number, and the last digit is to verify the card’s authenticity. Interestingly, NordVPN explains that “it is derived by applying an equation to the first 15 numbers and used to determine whether any mistakes were made when entering the credit card number.” The CVV number on the back is only three digits, so it is easier to guess. While it is tough to protect your card from hacking, there are a few things you can do:

When a payment system requires a password, create a strong passphrase that is difficult to guess. Use a password manager to store all your login details and ensure that you keep them safe.Use two-factor authentication (2FA) to verify all accounts that offer it.Go through your banking statements regularly and contact your bank when you notice anything suspicious.Where possible, sign up for fraud and identity theft protection. Then, in the unfortunate event that something happens, criminals can’t compromise your identity. In addition, fraud protection lets you easily dispute any charges to your card.

Keep reading

Dark Web 101: What’s there and why the government can’t shut it down Is your info part of 700M accounts posted for sale to the Dark Web?