According to a NordVPN study of a dark web marketplace that has illegally sold more than 720K items and data pieces for $17.3M, a Singaporean passport or driving license can be bought for as little as $13.60.
The items from Singaporeans found on the marketplace included passports, personal IDs, driving licenses, email, payment card data, mobile phone numbers, online accounts, bank account logins, crypto accounts, and personal data.
Residents of Malaysia had their passports and IDs going for $13.74 and $12.79 respectively.
But while Singaporean's IDs are worth $13.60, the Singapore Government's attempts to regulate and police payment cards, making a cardholder report the loss or theft of a card in 14 days or the liability falls onto the cardholder, for example, means that a Singaporean's payment card data costs $26.80 which is twice the world's average.
Crypto wallets and investment accounts of Singaporeans cost more than payment processing accounts and even more than some bank accounts.
Despite the Government recommending Singaporeans stay clear of trading in cryptocurrencies, with an average price of $537.70, the most expensive crypto account data is from Binance, followed by Kraken ($522.70) and Crypto.com ($476.40).
A payment processing account (e.g., PayPal) went for an average price of $136.10 by comparison.
On the other end of the scale, online accounts from Twitter were only $3, with Netflix going for $13.60.
How to reduce the risk of your data being sold on the dark web
"If you know the risks and equip yourself with the right tools and information, you'll maximise your chances of keeping yourself and your family secure," Cybersecurity expert Adrianus Warmenhoven from NordVPN.
Some of his recommendations include:
- Make sites and services earn your trust: Hackers get lots of data by targeting the websites and services you share your data with. You can't personally secure the servers that store your data, but you can vote with your wallet or feet. Make your data security a priority. If a site or a service asks you for sensitive data, ask tough questions about how the company secures it and what it will do if its data is breached.
- Educate yourself: You can do a lot individually to protect your data. This will depend vastly on where you spend your time online, but you can be proactive and research ways to stay safe on the devices and services you use.
- Stay vigilant: One side of the coin is knowing how to protect your data, and the other is knowing how to react quickly and effectively when your sensitive data is used without your permission.
- Monitor your accounts: Request weekly bank statements or activate transaction notifications on your app. Turn on the security settings for all of your accounts so you know when login attempts are made from suspicious devices. Make use of tools offered by the sites or services you use (a password manager, for example, offers a password strength checker that will tell you if your password is present in any breaches).
This article was first published in HardwareZone.