This Is the Single Most Valuable Password You Have to a Cybercriminal

Tina Russell/The Penny Hoarder

ScoreCard Research

Imagine an iceberg.

The ice floating above the water is the surface web. It’s the place where Facebook, Google and The Penny Hoarder live.

Travel underneath the water up to 100 feet or so and you’ve gone into the deep web. That’s where you might find medical records, legal documents, password-protected material and other parts of the web that aren’t indexed by search engines.

Below that, where no light shines, is the darknet, which is hosted within an encrypted network and accessible only with specialized anonymity-providing tools.

The darknet is a place I’ve never found myself personally, but it turns out, it’s a place where cybercriminals can find me — and you.

Your Life’s on Clearance on the Darknet

The buying and selling of your personal information and account logins are among the many illicit activities happening on the darknet.

Each of your private logins has a market value, according to Top10VPN’s Dark Web Market Price Index, and they’re not worth very much. Top10VPN, a virtual privacy network comparison website, reviewed all fraud-related listings on the three largest darknet markets between Feb. 5-11 to calculate the average price for each piece of personal info.

There’s a price for everything from your Macy’s account ($15.34) to your Instagram login ($1.28).

Stolen credit card and financial information yields the highest returns, while your dating login scrapes the bottom of the bargaining barrel.

The sum of your entire online identity is worth less than $1,200 on the darknet.

Your PayPal login, online banking details and Western Union login were the three most valuable pieces of information with average sale prices of $247, $160 and $101, respectively. The value of the information they hold makes them prime pickings for scammers.

So how do you protect yourself?

Time for Change: A PayPal Password Change, That Is

Access to your PayPal login is the most valuable bit of personal information on the darknet.

Why’s it so valuable? PayPal is a virtual treasure trove of financial access to a cybercriminal, because most people link more than one bank account, a debit card and at least one credit card to it.

You’re even more vulnerable if you’ve had the same PayPal password for years or if you use the same password for multiple accounts.

The simplest solution: Change your password now, and set reminders to change it regularly.

How to Protect Yourself After You’ve Changed Your PayPal Password

PayPal provides an array of security tips to protect both buyers and sellers. Taking some basic security measures will help cover your virtual well-being.

Update Your Software

Updated software covers potential holes hackers might poke through to get inside your computer or mobile device. Some of the more popular targets for cybercriminals, according to PayPal, include Microsoft Office, web browsers, Adobe Flash Player and Adobe Reader.

Get a Pre-emptive Vaccination With Anti-Virus Software

If your computer or mobile device has a hole in its security, a hacker can install malware, which is harmful software that can infect your computer with a virus or allow hackers to access your personal information. You can install anti-virus software and stop those suckers from ever getting in.

Protect Your Device With a Password or PIN

Not securing your computer or mobile device with a password or PIN is like leaving your front door wide open. Without password or PIN protection, hackers can easily access to your device if you lose it or leave it sitting unattended in a public place for a period of time. This is the first — and probably the easiest — step in keeping your personal information private.

Double-Dip on Security With This Protection

Get a double layer of security that makes you enter your normal PayPal password plus a one-time PIN that changes every time you log in. PayPal sends the code via text message. It’s free to register for this extra layer of protection.

Don’t Take the Bait

Scammers use a variety of tactics to trick you into giving them your login. They send phishing emails with links that direct you to a website that looks like PayPal, but it really isn’t. Then they just wait until you instinctively punch in your password and steal it.

To avoid this, always verify that the URL box reads “https://www.paypal.com/before entering your password.

Everyone involved loses if your information is compromised. Well, everyone except the thief.

Stephanie Bolling is a staff writer at The Penny Hoarder. She likes the view from the top of the iceberg.