How your information is sold and bought on the Dark Web

Despite hundreds of millions of us falling victim to personal and financial information theft, few people know what happens to their information after it is stolen. We may imagine dark nefarious criminal organizations using our stolen data for grandiose dark nefarious criminal acts, but the reality is mostly much more mundane.  I had discovered that one of my credit cards was compromised when someone had charged around $8 at a McDonalds 900 miles away and then $200+ at a nearby Walmart. Unlikely the work of criminal masterminds. So, how did they get my credit card info?

Much of the stolen information ends up for sale on the Dark Web. Also known as the Deep Web, it is a place that exists beyond the reach of the traditional internet search engines like Google and Yahoo. Researchers estimate that the internet we know and use every day represents only about 5% of the total online content out there. The rest is the Deep Web.

Most of the Dark Web is “dark” by design — it’s meant to be hidden from the general public. Much of it belongs to legitimate entities like governments, military or corporations, who need their information kept protected and separate from the public internet. However, some of the Dark Web is unequivocally illicit — a mercantile platform for taboo products.

Venturing into the dark

The Tor network is one corner of the Dark Web favored by those who want to sell or buy illegal products and services. This is because of the anonymity features Tor provides — they help protect both sellers and buyers. Accessing Tor is relatively simple, but does require special software. Additionally, some Tor websites may also require specialized tools, authorizations or invitations in order to access them.

While the Tor network itself provides some level of anonymity to its users, I recommend investing in a little extra protection by using a personal VPN service like NordVPN to hide your identity before you even log onto Tor. (To learn more about the benefits of using a personal VPN, read this article).

Once you are connected to a VPN, head over to the website for the Tor project, and download the Tor web browser. It’s a completely legal and free web browser that will allow you to view the websites hosted on the Tor network.



From here, the common criminals can use several simple methods to procure your stolen credit card numbers:

Search Engines

Google can’t find these, but a specialized search engine like Ahmia had no trouble finding several vendors specializing in cloned credit cards and counterfeit currency.  The vendor shown below claimed to have over 6 years experience and to use fake credit card readers on ATMs to steal card information. They even offer to emboss the buyer’s name on the cards and provide free express shipping worldwide.




Another method criminals can use to purchase stolen credit card numbers is through one of the well-established Deep Web marketplaces. Below is an example of a vendor on the AppleMarket who offers credit card and CVV numbers and claims to have over 2,000 credit card numbers in inventory.




Sellers can also promote their offerings on pastebins, which public message boards for short plain-text messages. In the example below, the seller is promoting a range of fake identity documents including cloned credit cards.



In all of these above cases, the payment is accepted in BitCoins. One can get a stolen credit card number for as little as USD $5, or a physical cloned credit card with your own name for under USD $100. Not a bad price for a card that might net $500-$2000 in return.

As you can see, the Dark Web is a thriving and relatively accessible underground marketplace where your personal information is traded alongside with that of many others in the value packs of 10s and 20s. In the end, it’s not personal. For the hackers who steal your information, it’s just business. And for the low-level crooks who use it, it’s just a day in a life. This is a volume game. As the banks are getting better at detecting and preventing fraudulent activity, repeat customers demand a reliable supply.

No comments

Comment on this article