This Online black marketplace is selling your digital identity

By FKlivestolearn | Technicity | 7 Jan 2020

Beware of the ever-evolving scary side of the Dark Web.

 

Cybersecurity has become an ever more important issue for more than 4 billion netizens. As more of us spend an increasing amount of time online, safeguarding ones’ digital identity from the nefarious players has to take priority. The involvement of Nation-states in this activity has gotten the attention of lawmakers.

Last July the American Department of Homeland Security (DHS) confirmed that the Russian government hacked the U.S. power grid. Citing national security concerns a new Cybersecurity and Infrastructure Security Agency was created in November 2018, to prevent U.S infrastructure from cyber & physical attacks.

The virtual world of the World Wide Web is divided into three categories — Dark web is a subset of the Deep Web & the hub of mostly illegal activities (infographic below). Despite repeated crackdowns by the law enforcing authorities on this digital wild west, the online black market has continued to flourish. A new online marketplace called Richlogs was added to it in April of this year.

Since its emergence, Richlogs has been selling stolen “digital fingerprints” to the interested parties which include IP address, OS information, time zone, user behavior, etc. The rich trove of personal data is enough for the buyer to completely assume their identity online. The detailed report by cybersecurity firm IntSight analyses the inner workings of this dark web marketplace.

0*T0oFAgNIwvRlhUox

Richlogs has positioned itself as a strong competitor to Genesis — the first market to sell digital identities, which started working Nov. 2018. Gauging from the domain name suffix (.ru) & the language options offered (English, Russian), Richlogs appears to be Russian. Although only 1105 accounts were on sale at the time of publishing of IntSight’s report (Figure 2), the implications are scary.

Personal preferences like screen resolution, time zone, OS information, regular user behavior, and additional details that are unique to that user are scrapped which can be used to gain access to social media accounts, banking, credit cards & other payment services, online shopping accounts, and pretty much anything that requires a login and password.

The online marketplace is absolutely non-hesitant in boasting about selling data that increases the chances of impersonation. It actually takes a jab at its competitor for selling incomplete fingerprinting data. The personal data posted on Richlogs shows you all the websites that the victim accessed. Somebody with fewer websites would sell for a much lower amount while data with accessibility to dozens of websites would go for about $200 — $250.

1*HC9tmuG7Fi7Ce7fjM5lAAg.png

An inside look by IntSight at the digital identities on sale confirms the fact that Richlogs does not discriminate between regions & countries — three identities on sale were citizens from New Zealand, Serbia & India. The report wraps up with some points on how to keep your organization safe from digital identity fraud.

I am going to leave you here with some tips on how to keep your digital identity safe:

  • Use strong passwords — a combination of letters, digits & special characters & change passwords often, every few months is advised.
  • Enable two-factor authentication — A mobile verification or additional security questions with a password makes it increasingly difficult to hack an account.
  • Avoid using open networks (hotspots etc.) — especially to access sensitive information. A coffee place open WiFi is not a safe place to do your banking.
  • Don’t give out personal information to unknown websites or individuals for that matter.
  • Cleaning your browsing history on public and/or workplace computers. Limit the extent of “digital history” sitting on your computer.
  • Installing a good anti-virus software  keeping it up to date to protect your computer & scan your systems regularly.
  • Shopping online on websites that use secure technology to protect your data (SSL).
  • Keep your personal WiFi networks password protected  keep a difficult password, not something that can be easily guessed.
  • If possible use a VPN (Virtual Private Network) to access the internet privately & securely. VPN services are really affordable these days.

 

Medium | Twitter | LinkedIn | StockTwits | Telegram

Privacy cybersecurity data security Darkweb digitalidentity

How do you rate this article?

0
FKlivestolearn
FKlivestolearn

I am a prolific Blogger on Substack/Medium with a newsletter. Extensive trading experience in Forex & Stocks based on technical studies. Cryptocurrency trader and Enthusiast, Blockchain/Fintech Evangelist & generally just a Technology Freak.

Technicity
Technicity

Keeping you up to date & empowered within the fields of Technology, Finance, Science & Space.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.
Earning £1M Through Crypto: Portfolio Trackers Earning £1M Through Crypto: Portfolio Trackers
Tiero

Tiero

7 hours ago
3 minute read

Crypto Trading And Market Update : Bitcoin Price At $65k Crypto Trading And Market Update : Bitcoin Price At $65k
shohana

shohana

17 hours ago
1 minute read

Openclaw Users Leveraging Brave Browsers Search API Openclaw Users Leveraging Brave Browsers Search API
Cje95

Cje95

23 hours ago
2 minute read