trending:

sponsored:

Just In

More News Load more
Cybersecurity

Want to buy stolen credentials? Sellers at PayIvy take PayPal

by Elise Viebeck - 05/06/15 9:01 AM ET
by Elise Viebeck - 05/06/15 9:01 AM ET

You don’t need to use Bitcoin on the dark Web to buy stolen Web credentials, contrary to most assumptions.

Enter PayIvy, an online marketplace for digital services where stolen account data is increasingly available to any user with a PayPal account.

{mosads}The website is marketed as a place for selling ebooks, software and other digital products.

But fraudsters who want to make a quick profit are using it to hawk bulk account credentials for services like HBO Go and Spotify, sometimes for as little as $1 each.

PayIvy isn’t the only e-commerce site where these transactions are taking place. A handful of postings for apparently hacked accounts pop up on sites like eBay.

Still, the volume of listings at PayIvy is beginning to attract attention.

Security journalist Brian Krebs, who pointed out the trend on Wednesday, noted that the amount of fraud is building.

“Some of the sellers clearly are testing things to see how far they can push it: In just five minutes of searching online, I found several PayIvy sellers who were accepting PayPal payments via PayIvy for … wait for it … hijacked PayPal accounts!” Krebs wrote in a blog post.

“The fact that PayIvy takes PayPal as payment means that buyers can purchase hacked accounts with [stolen] credit cards — or, worse yet, stolen PayPal accounts.”  

The post included a comment from PayPal associate general counsel Jack Christin, Jr., who said PayPal has exited merchants from its system when they use PayIvy to sell stolen goods.

“PayPal proactively monitors sellers with PayPal accounts who use the Paylvy platform to ensure the products they are selling are in compliance with our [Acceptable Use Policies], and we take appropriate action when violations are discovered,” Christin said.

The market for stolen personal information and Web account data is growing as data breaches become more frequent and sophisticated.

Some of the most valuable information available in illicit online marketplaces are Social Security numbers and other permanent personal data, particularly for children.

Tags

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts

Main Area Top ↴
Main Area Bottom ↴

Top Stories

See All

See All
Sidebar Top ↴

Most Popular

  1. Marjorie Taylor Greene stumps for Steve Bannon as he reports to prison
  2. Housing costs have nearly doubled in swing states since 2020
  3. Potential cause of lupus may be identified: Study
  4. Evictions rising across Southwest, dropping in Northeast: Data
Load more
Sidebar Middle ↴

The Hill Podcasts

Sidebar Middle ↴

People – Custom HTML – Sidebar Bottom – Any Person

SIDEBAR BOTTOM