Your login credentials are valuable to criminals who are after your identity and money.

If you think there’s only a slim chance that fraudsters might steal your login credentials and use them for financial fraud, identity theft and other criminal activities, it’s time for a wake-up call.

More than 15 billion login credentials are for sale on any given day on the dark web and other underground markets that sell tools and information for fraud and identity theft, according to “Why Your Social Security Number Isn’t as Important as Your Log-In Credentials,” a report from the Identity Theft Resource Center (ITRC).

Stolen login credentials can also be the cause of corporate and small business data breaches and cyberattacks.

In fact, in 2021, one stolen password that wasn’t protected by multifactor authentication (such as a code sent that must be entered to access the account) allowed hackers to launch a cyberattack against Colonial Pipeline that shut down deliveries from Gulf Coast refineries to major markets on the East Coast, according to Reuters.

“Identity thieves want login credentials,” says the report. “They make more money defrauding businesses with ransomware attacks and phishing schemes that rely on poor consumer behaviors than traditional data breaches that rely on stealing personal information.”

What are the going rates for login credentials?

Depending on the type of account login, high-value credentials sell on the dark web for as much as $500 to $140,000 each, according to “From Exposure to Takeover,” a report from digital risk security provider Digital Shadows.

Here’s a rundown of the prices for stolen login credentials, according to Digital Shadows :

  • Email administrator: $500 to $140,000
  • Bank and financial accounts: $70
  • Antivirus programs: $21
  • Video and music streaming services: $15
  • Social media accounts: $10 or less

“Most credentials belong to consumers, and cybercriminals give away many for free,” according to the Digital Shadows report.

Find out: 4 Common Password Mistakes That Put Your Online Security at Risk

Ways that criminals steal login information

In addition to data breaches, your login credentials could be stolen in a number of ways, according to cybersecurity software company SentinalOne, including:

Credential stuffing

Hackers test databases and lists of stolen login credentials against multiple accounts to find a match.

Phishing emails and texts

Criminals pose as legitimate businesses to trick users into supplying their login credentials.

Password spraying

Hackers use a list of commonly used and easy-to-crack passwords such as 123456, password 123, batman, letmein and others against a user account name.

Keylogging

Malware keyloggers record your every keystroke to obtain login credentials for bank accounts, credit cards, digital wallets and other secure online forms.

Local discovery

Someone else sees a password you wrote down in a notebook, on a scrap of paper or elsewhere and uses it to access an account or multiple accounts.

How to protect your login credentials

Taking the following steps can help protect your login credentials against being stolen:

  • Use multifactor (code sent to phone, fingerprint, facial recognition, etc.) on all accounts.
  • Use only secure networks — avoid using public Wi-Fi, for example — and a virtual private network (VPN) to keep hackers, identity thieves and spammers from seeing your online activity.
  • Stay on top of all software updates.
  • Use at least a 12-character password on all accounts so they’re harder for hackers to crack.
  • Never click on links in phishing emails or text messages.

Find out: 5 Identity Theft Risks You Should Never Take on Public WiFi

Get professional help to clean up errors in your credit report.

Get AnswersCall To Action Link
Did we provide the information you needed? If not let us know and we’ll improve this page.
Let us know if you liked the post. That’s the only way we can improve.
Yes
No

About the Author

Deb Hipp

Deb Hipp

Deb Hipp is a full-time freelance writer based in Kansas City, Mo. Deb went from being unable to get approved for a credit card or loan 20 years ago to having excellent credit today and becoming a homeowner. Deb learned her lessons about money the hard way. Now she wants to share them to help you pay down debt, fix your credit and quit being broke all the time. Deb's personal finance and credit articles have been published at Credit Karma and The Huffington Post.

Published by Debt.com, LLC