Italians are increasingly the target of hacker attacks, so much so that in the past 12 months over a million alerts for data compromise have been launched, with an increase of 56.3% compared to the previous period. In particular, according to Crif’s Cyber Observatory, the notices concerned data found for sale or freely distributed on the Dark Web, that area of the Internet that can act as a black market for criminals and that collects almost three-quarters of the total data. stolen worldwide, compared to 27.1% of data available on the normally navigable Web.
In the first half of 2021 there was an 18% growth in available stolen data compared to the last six months of 2020 and mostly criminals use forums, blogs and messaging programs to distribute the stolen goods, with a particular predilection for Telegram where they continually open and close “rooms” dedicated to the exchange of lists of combinations of stolen emails and passwords.
Passwords, emails and phones in the viewfinder
By analyzing the data, Crif experts confirmed that the stolen data most often found for sale on the Dark Web are passwords, personal or business email addresses, telephone numbers and name / surname combinations. In the public Web, however, there are emails, social security numbers, telephone numbers, usernames and physical addresses.
“On the dark web – says Beatrice Rubini, executive director Personal solutions at Crif – there is an enormous amount of data on unsuspecting citizens who run the risk of suffering identity theft and online scams. The level of sensitivity and awareness of large segments of the population is still very modest and no forms of protection are adopted, even minimal, such as adopting complex and unique passwords for each service “.
A confirmation of the unfamiliarity in terms of computer security comes from the analysis of the passwords find again. Among those stolen, in fact, the most common in Italy are made up of male names such as “Andrea”, “Giuseppe” or “Francesco” and names of football teams such as “Juventus” or “Napoli”. Worldwide, however, the ranking of the “most stolen” passwords is made up of variations of numerical sequences from 1 to 9 and trivia such as “qwerty”, “qwerty123” and “password”.
Entertainment to steal
Looking at the type of site that most often appears in the lists of exfiltrated credentials, it appears that as many as 46% come from entertainment services such as online games and dating, with the e-sports component in strong growth (as indeed its diffusion among users). In second place, are the credentials of forums and websites with 20.8% while streaming services represent 18.7%.
This data represents a gold mine for pirates who can resell the credentials of better structured or advanced gaming accounts to players who want to “take a shortcut” to get to the higher levels. A possible variant is to empty them of the most interesting objects and then sell them directly in the game. Furthermore, the market for “shared” accounts for streaming services is flourishing, many of which come from users who do not know that their credentials have been violated and who therefore also pay for others.
A phenomenon not to be underestimated is that of the theft of social media credentials: as much as 13.7% of the total. In this case, criminals can change passwords to “lock us out” of our profile and ask for a ransom to return it, or use the information contained to organize fraud by contacting our friends by pretending to be us.
Lazio the most threatened
The analysis of stolen data also takes stock of which regions are where the most data is stolen. At the head is Lazio from which 21.4% of all Italian data have been subtracted. In second place is Lombardy, behind with 12.7%, followed by Campania at 8.3%. Around 7% are collected in Sicily (7.5%), Emilia Romagna (7.5%) and Tuscany (7.1%). The others follow until reaching the Valle d’Aosta, bringing up the rear.