Report: The dark web is selling your personal data for less than the cost of a Big Mac

Stolen credit card information can be bought online for less than a McDonald’s Big Mac. The average price of hacked data for a consumer was below $5.35 for 42 out of 50 states, according to a study by NordVPN.

“The card numbers found are just the tip of the iceberg when it comes to payment fraud,” said Adrianus Warmenhoven, a cybersecurity expert at NordVPN. “This is a crime with a huge ripple effect and the extra information being sold makes it far more dangerous as a skilled criminal can use these to acquire more personal details.

And the study of the dark web found that most buyers pay a little more for a complete meal with fries and soda, or in this case, a social security number, home address, phone number or email.

And Americans, pay attention, the dark web database showed more than half of the card details belonged to U.S. consumers.

According to NordVPN, these details purchased on the dark web make it easy for a cybercriminal to commit identify fraud.

“In the past, experts linked payment card fraud to brute-forcing attacks — when a criminal tries to guess a payment card number and security code to use their victim’s card,” said Warmenhoven. “However, most of the cards found were sold alongside the email and home addresses of their victims, which are impossible to brute force. We can therefore conclude that they were stolen using more sophisticated methods, such as phishing and malware.”

NordVPN: Tips to protect yourself from fraud

1. Use complicated passwords: Use different passwords for each account and store your passwords in an encrypted password manager. Make sure your passwords consist of a combination of letters, numbers and symbols.
2. The extra factor: Sign up for two-factor authentication on commonly used websites. This means that even if a criminal gains access to your main log-in details, they will also need to crack a separate numerical PIN.
3. Download your bank’s app: Use it to track your money, paying particular attention to any unusual outgoings. Some apps will notify you of every transaction in real time – just make sure to look.
4. Respond to data breaches: Change your username and password immediately if a company informs you that your details were involved in a data breach. If you’ve used the same one elsewhere, change it there too.
5. Use anti-malware software: Anti-malware software will ensure that you do not download malicious files to your device and will protect you from info-stealing viruses.