Nefarious activity on the dark web is increasing with more users and a rise in the number of social media accounts for sale, BDO says in its latest Scam Culture Report.
September quarter figures showed 2.7 million people were accessing the dark web a day, up by 200,000 on the same period last year, while trading rose with the most popular items counterfeit passports, credit ratings and credit cards, and corporate data such as user IDs, passwords and intellectual property.
BDO said one problem to watch was trade in ChatGPT accounts, with more than 10,000 already available.
It said dark web prices generally fluctuated and many rose over the period, with Facebook, WhatsApp, Instagram and Telegram accounts trading for around $310 each, up from $119 in June quarter. Covid vaccination certificates (also $119 in June) were selling for $139 or $123 for a digital version.
Account hacking also cost more, with a WeChat hack now $154 instead of $149 while email hacking jumped to $668, up from $269.
Identity documents from Germany, Italy and France attracted increased activity over the quarter, although prices for Australian drivers’ licences dropped from $545 to $465 while passports (various nationalities) fell from $2,800 to trade at $1,399.
“There is increased negotiation activity on the dark web, with traders and buyers actively promoting communication to resolve issues and differences,” the report said. “Like any marketplace, trust is crucial to making a transaction on the dark web, because if a transaction doesn’t go to plan, you cannot report it to the police.
“Sellers inviting buyers to negotiate with them and reach a solution has become a standardised feature, rather than setting fixed prices with no room to move.”
Some of the biggest price falls concerned cloned SIM cards, down by a third to $399, while the cost of hacked cryptocurrency accounts tumbled by an average of 72 per cent over the last 12 months.
BDO said the dark web, which was beyond the reach of traditional search engines, played a significant role in global cybercrime thanks to user anonymity and the ability to purchase personal data and financial information. Law enforcement was also active “with a number of the larger and popular marketplace sites having been shut down” but others springing up to take their place, “many with the same vendors”.
One feature of the quarter reflected events in the Middle East, with “increased chatter” around the conflict, threats of co-ordinated action and information sharing.
It said investment scams accounted for 70 per cent of money lost to cyber crime, with identity theft and romance scams responsible for only a tiny percentage.
Common investment scams included crypto scams, Ponzi schemes, imposter bonds and fake IPOs. Others involved remote access, rebate scams, online shopping, pyramid schemes and medical products.
Total losses reported from scams in the September quarter decreased by 24 per cent compared to the previous April to June quarter, at $105 million.
Most of the victims – 54 per cent – were aged 55 and over, a 7 per cent increase on the previous report in June 2023. However, cyber criminals were increasingly focused on the younger generation.
“Scammers continue to target Gen-X populations, mirroring trends observed from Dec 2022 (44 per cent) to March 2023 (53 per cent)”, it said, with emails surpassing phone calls as the primary scam method.
BDO’s Scam Culture Report was compiled by its forensic team, which included fraud examiners, forensic accountants, forensic technology professionals, licensed investigators, financial analysts and former members of law enforcement.
You are not authorised to post comments.
Comments will undergo moderation before they get published.