- ExpressVPN combed various sites on the dark web to find the average cost of popular personal information in 2023.
- Hacked social media and streaming accounts are some of the more affordable items available on dark web marketplaces, while forged passports are some of the most expensive.
- Our interactive quiz determines your estimated value based on the sort of information and online services you own.
- Plus: An ExpressVPN cybersecurity expert debunks misconceptions about the dark web.
As our personal information is increasingly used to verify our identities, conduct online transactions, and sign up to social media platforms, it’s become a valuable commodity. Seeing the value of our information, hackers and other malicious individuals looking to make money online have no qualms about stealing and selling it on the dark web.
But not everyone’s personal information is valued equally. Read on to discover the cost of your data on the darknet and learn how to safeguard yourself against the theft and sale of your personal information.
Please note: The following article is written for informational purposes only and does not condone or support selling and purchasing illegal products on the dark web. The sale of such products is illegal and carries severe legal consequences. We encourage our readers to use the internet ethically and lawfully.
What is the dark web?
The dark web refers to a hidden network of websites not indexed by traditional search engines that are typically inaccessible to the general public. Because all activity on the dark web is anonymous by default, it’s often associated with illegal activities, such as selling drugs and weapons. However, legitimate websites also exist on the dark web, and they can be used for whistleblowing, covert communication in oppressive situations, and providing access to news censored in certain countries.
Accessing certain websites on the dark web often requires special software like the Tor (“The Onion Router”) Browser, and a VPN download can provide an additional layer of anonymity to your activity.
How is the dark web different from the deep web?
The internet is made up of various layers. The deep web is a term used to describe all parts of the internet not indexed by search engines, including the dark web. However, the dark web is just one of the many components that constitute the deep web, and not all deep web content is illegal or dangerous.
When it comes to the dark web, personal information can be bought and sold at different prices, depending on the type and amount of data being sold. This includes everything from a few dollars for a single login credential to thousands of dollars for a complete identity profile that may include a scanned passport or physically forged document. This growing marketplace for personal information on the dark web is a major reason individuals must take steps to protect their data.
Dark web product price index 2023
How much is your information worth on the dark web? ExpressVPN’s cybersecurity experts combed through several websites on the darknet and referred to price indexes from previous years (such as the annual report from Privacy Affairs) to determine the most popular products that are for sale on the dark web—such as credit card data, forged documents, and hacked info.
While fake driver’s licenses, IDs, and passports can be expensive, it’s uncertain if they actually work at immigration checkpoints. Our research also found that forged physical documents are more expensive than digital copies and are more challenging to find. Medical records and databases are also difficult to obtain and verify. Purchasing items from the dark web is risky due to the lack of quality control, so users tend to rely on ratings from others. Streaming and social media account credentials are readily available and cheap on the dark web. This is because there are plenty of sellers offering this type of data.
In our research, we discovered design mockups of scam pages and hacking tutorials for financial sites and courses on the dark web, sold for an average of 35 USD. Cybercriminals typically use these to create false documents (pictured above) and scam pages that mimic legitimate websites, such as banking or e-commerce platforms. Hacking tutorials may also offer instructions on exploiting vulnerabilities in financial systems to steal sensitive data or money. Below are examples of bank, gaming, and Bitcoin accounts for sale on the dark web.
How much is your data worth on the dark web?
Want to discover the value of your information on the dark web? Take our quiz below:
Safeguard your information from being stolen and sold on the dark web
According to Tay, while it may be difficult to completely stop a determined hacker or malicious person from stealing your personal information and making money from it, there are preventive measures you can take to protect yourself.
Never reuse passwords
It’s essential to avoid reusing passwords for multiple accounts because this significantly increases the risk of a security breach. If a password is used for multiple accounts and one gets compromised, all other accounts also become vulnerable to attacks.
This is because cybercriminals who gain access to one set of login credentials will often try those credentials on other websites and services to see if they work. Using strong and complex passwords that are difficult to guess or crack will make it even harder for them. Better yet, sign up for a password manager to store and protect your unique passwords.
Always enable 2FA, or multi-factor authentication
Two-factor authentication (2FA) adds an extra layer of security to your accounts, making it more difficult for cybercriminals to gain unauthorized access by requiring users to provide two forms of identification to verify their identity. This includes a password, PIN, and something the user has, such as a security token or one-time code sent to their phone.
Check the permission settings on apps or software you use
Many apps and software require access to your photo gallery, contacts, and location to provide a better user experience. While some permissions are necessary for the app or software to function, others may not be—and instead introduces security risks to you. By reviewing the permissions of an app or software, you can ensure that it’s not accessing more information than necessary. This can help protect your privacy and security by limiting the amount of personal data shared with third parties or used by the app or software.
Checking app and software permissions is particularly important on mobile devices, as these devices often contain important personal and sensitive information.
Check for accounts that may have been compromised
If you suspect that one of your online accounts has been compromised, there are several steps you can take to check and secure your account. The first step is to look for signs of unauthorized activity, such as unusual login attempts, changes to account settings, or unfamiliar transactions.
Next, you can use websites like Have I Been Pwned to check whether your account logins have been compromised in a data breach. If some of your passwords have been compromised, change them immediately. Alternatively, if you no longer use these accounts, delete them.
Limit the information you share online
By limiting the information you share online, you can better protect your privacy and prevent others from accessing your personal information. This includes exercising caution when posting on social media platforms, being wary of suspicious links or emails (that might be out to phish you), and taking advantage of privacy settings on your social media and other online accounts to limit access to your information.
Protect your personal information with a VPN
Using a VPN can help you protect any personal information you enter online, such as your credit card details or home address, especially if you’re using an unsecured Wi-Fi network. With a VPN, your internet traffic is routed through an encrypted tunnel, making it difficult for anyone to monitor your online activities or spy on you.
Bonus: Common misconceptions about the dark web
Shawn Tay, a cybersecurity expert, and threat hunter/analyst at ExpressVPN, explains the most common public misconceptions about the dark web:
Misconception 1: All dark web sites look sketchy
Many people expect websites on the dark web to look sketchy, dated, and generally unappealing. While that’s true of many sites, others resemble e-commerce sites on the surface internet and are nicely designed.
For instance, in marketplaces where users can purchase almost anything, sites have clean designs and clear user interfaces. Some include pleasing colors and professional images of the items for sale. “Most are designed this way to create a user-friendly and visually appealing interface for users to navigate their products and services,” says Tay. “This is to make users feel more comfortable and confident in their transactions.”
Misconception 2: The dark web is just for illegal activities
Sure, the dark web is known for illegal activities—but it has legitimate uses too. Journalists and informants can securely communicate and share sensitive or censored information. Several news and information websites, including WikiLeaks, The New York Times, Associated Press, and the BBC, have Tor versions.
Social media sites like Twitter and Facebook have also launched onion sites on the dark web. Tay says, “The dark web is pretty much safe if you don’t reveal any sensitive information that may be linked back to you.”
Misconception 3: The dark web is hard to access
The dark web is a place where people can freely express themselves and find information that may not be available on the regular internet—and it’s actually easier to access than most people assume. All you have to do is download the Tor Browser or Brave.
Misconception 4: The dark web is entirely anonymous
While the dark web provides anonymity, it can’t be guaranteed—mainly because people often slip up and reveal their identities in other ways. For example, sellers on dark web marketplaces often provide their Discord and Telegram information to allow buyers to communicate with them, which could lead to identity exposure.
Additionally, Tay warns that metadata and other digital footprints left behind when accessing the dark web could also be used to track someone’s activity online. “Some dark web sites may be compromised or monitored by law enforcement or other organizations,” he says. “This is why it’s essential to only transact on the dark web with an escrow service, to ensure payment completion for items sent to a buyer.”
Escrow on the dark web refers to the use of a neutral third party to facilitate secure transactions.
Misconception 5: It’s illegal to access the dark web
Accessing the dark web isn’t illegal, but distributing and downloading child pornography, promoting terrorism, and buying/selling illicit items is. Illegal activities are still illegal, regardless of whether you use the dark web to do it. By the same token, legal activity, like browsing information, remains legal when you do it over the dark web.