Covid-19 does not Stop Hackers

This is what emerges from the Cyber Crif Observatory. Telegram increasingly used for sharing stolen information. About half of the stolen accounts are related to entertainment sites, mainly gaming and online dating.

In the first half of the year, over 1 million alerts received from Italian users relating to a cyber attack against their personal data, up + 56.3% compared to the previous survey. This is what emerges from the Cyber ​​Crif Observatory. The analysis focuses on alerts relating to information found on the dark web (i.e. the set of web environments that do not appear through normal Internet browsing activities and require specific browsers or targeted searches) within which they circulate unduly. billions of data.

In the first half of 2021 there was an 18% growth in the data found on the dark web compared to the second half of 2020. It is in these environments that the greatest number of information obtained through computer fraud is found, just think that users alerted in Italy for data collected on the dark web are 72.9%, compared to 27.1% of subjects alerted to data collected on the public web (open web).

The environments in which the greatest amount of stolen data is exchanged are forums, blogs and messaging platforms. In addition to specific search engines (eg TOR, DuckDuckGo) Telegram, in particular, is increasingly becoming a sort of virtual meeting place for hackers in parallel with the darkweb, with the same purposes of sharing personal data, such as for example lists with emails and passwords of stolen accounts.
The stolen information is organized into packages containing thousands of credentials and sold clandestinely at very low prices, sometimes even less than 50 Euros.

According to the CRIF Observatory, in the first half of 2021 the personal data that mainly circulate on the dark web, and therefore more exposed to the risk of actions to the detriment of unsuspecting victims, are passwords, individual or company email addresses, usernames, telephone numbers. In the first half of the year, name and surname also fall into the top 5 of the most vulnerable data. This valuable information could be used to commit scams, for example through phishing or smishing. However, there is no lack of data exchanges with a financial value, such as credit cards and IBANs.

Looking at the main combinations of the data intercepted on the web, the marked increase in cases in which the complete data of a credit card appears correctly matched to the name and surname of the holder (in 56.4% of cases in the first six months 2021 against 20.8% in the previous semester). This obviously exposes you to a high risk of suffering fraud or unauthorized transactions.

Similarly, in almost 9 out of 10 cases the combination between username and password was intercepted, with a consequent very high risk of intrusion into the reserved areas of the victims.