Thomas Trutschel/Photothek via Getty Images

  • A new report shows the average prices that hackers are willing to pay in exchange for control of different online accounts that have been compromised.
  • Selling stolen login credentials is a common practice on the dark web, a collection of underground networks, where hackers will pay a high price for access to personal data, counterfeit documents, and hacked social media accounts.
  • Compromised Gmail and Facebook accounts are among the priciest stolen logins, possibly because they could be leveraged to gain broader access or trick other people into handing over information.
  • For more stories go to www.BusinessInsider.co.za.

Can you put a price tag on the security of your online accounts? Hackers certainly can - and a new report shows the average price they're willing to pay for compromised account logins traded on the dark web.

Researchers with Privacy Affairs, the research arm of cybersecurity firm NordVPN, analysed hundreds of recent listings on the dark web, where hackers routinely exchange stolen credentials. The researchers indexed the average prices of different types of logins for sale.

A hacked Facebook account goes for R1,300 on average, while Instagram accounts averaged around R1,000 and Twitter logins went for R850 on average.

Daniel Markuson, a NordVPN analyst, said in a statement that the selling prices for compromised social media accounts are "relatively low," but noted that hackers typically access accounts in order to pull off more lucrative scams.

"This information can be used in many fraudulent activities, including identity theft, so its protection shouldn't be underestimated," Markuson said in a statement.

A hacked Gmail account averaged a higher selling price - R2,700, on average - due in part to the fact that it could potentially provide a wide range of insight into a target's life and other accounts.

Hackers also regularly use compromised email accounts to trick other victims into sending compromising information - email scams cost businesses R30 billion in 2019, the American Federal Bureau of Investigation said, and a FireEye study found that 91% of all cybercrimes start with an email.

Even more lucrative than social media accounts are payment processing service accounts, which hackers use to send cash transfers from other grifts in order to avoid detection by law enforcement. Hackers offered to use stolen PayPal accounts to transfer amounts ranging from R17,00 to R51,000 in exchange for a R5,500 fee on average, according to the report.

Meanwhile, information on people's credit cards and debit cards sell for less - anywhere from R260 to R600 on average - in part because those transactions are easily traceable.

The report recommends that people regularly change their passwords in order to avoid having their accounts compromised. Services like Have I Been Pwned are available to check whether a login and password have been stolen in a past breach. Using a password manager can also help keep accounts secure.

Read the full report here.

Receive a daily update on your cellphone with all our latest news: click here.

Get the best of our site emailed to you daily: click here.

Also from Business Insider South Africa: