Glut In Stolen Identities Forces Price Cut

CowboyRobot writes "The price of a stolen identity has dropped as much as 37 percent in the cybercrime underground: to $25 for a U.S. identity, and $40 for an overseas identity. For $300 or less, you can acquire credentials for a bank account with a balance of $70,000 to $150,000, and $400 is all it takes to get a rival or targeted business knocked offline with a distributed denial-of-service (DDoS)-for-hire attack. Meanwhile, ID theft and bank account credentials are getting cheaper because there is just so much inventory (a.k.a. stolen personal information) out there. Bots are cheap, too: 1,000 bots go for $20, and 15,000, for $250."

Change your passwords ASAP!

[DigiShaman]

Seriously! If you even suspect that the machine you're working from has ben compromised by malware, CHANGE YOUR PASSWORD to the accounts you've used via a known clean computer. Then proceed to nuke the drive from orbit and reload the OS and apps. Botnets are known sources of dropping key loggers and harvesting user data to a central database.

Re:those numbers seem unsustainable

[AmiMoJo]

Usually the plan is not to withdraw money from the account directly. Too easy to get caught, owner of the account usually notices pretty quickly. Instead the account is used to open other accounts or take out loans which are then defaulted on.

This is pretty common in the UK. We have these shitty pay-day loan companies that charge 5000% interest and do only the most basic checks before handing over the cash. People give them someone else's name and bank account, so the first thing the victim knows about it is when Wonga starts taking internet payments by Direct Debit.