Fears over cyber security have been heightened in the wake of the worldwide takedown of ‘Amazon of crime‘ the Genesis Market.
The online selling site – which offered crooks victims’ IDs for as little as 50p (75c) – had not been heard of by most computer users until yesterday.
Alarming details released by the UK’s National Crime Agency have sparked concerns after millions of victims had their details up for sale.
They included online banking, Facebook, Amazon, PayPal and Netflix account information, as well as digital fingerprints with mobile device data.
But online security experts say there are a number of ways people can stay safe – as well as spot the signs they might be compromised.
Vonny Gamot, Head of EMEA, at online protection company McAfee, told MailOnline: ‘Regularly monitor your accounts for any unfamiliar or unauthorised activity, such as attempted logins, messages sent from your account or transactions you didn’t make.
Vonny Gamot, Head of EMEA, at online protection company McAfee, has given cyber advice
Visitors to the Genesis marketplace today are greeted by this splash page after the takedown
‘If there is something suspicious, report it immediately.
‘And keep an eye out for phishing attacks. This could be an email or text message that directs you to a fake site designed to steal your personal information – either by tricking you into providing it or by stealing it without your knowledge.
‘It’s always wise to keep a sceptical eye open for unsolicited messages that ask you for information in some form or other, often in ways that urge or pressure you into acting.’
The Genesis Market worked through a group of attackers that created a program which infected millions of users over the world to harvest their data.
Those who wanted to use Genesis could only join by invite from an already established member.
The referrals were offered for sale on some places on the net for around £25.
The marketplace could be found using normal internet search engines, as well as on the dark web, and users were offered step-by-step guides on how to buy stolen details as well as how to use them for fraud.
The site contained easy-to-follow instructions telling offenders how to masquerade as their victim, getting around banking systems that require biometric data.
It even advised how to buy bitcoin to avoid law enforcement tracing transactions.
Data on sale included account log-ins, passwords, cookies, search history and autofill form data enabling fraudsters to build up a detailed picture about their prey.
Offenders were also able to infiltrate victims’ computers to install secret malware which notified them in real-time if their target changed their passwords.
Armed with the information, fraudsters were able to empty bank accounts, indulge in mass spending sprees or steal valuable data to blackmail victims into handing over even more cash through ransomware.
Vonny added: ‘If you think you may be a victim or are generally concerned about protecting your online privacy and identity, then there are some simple steps you can take to protect yourself.
‘Strong and unique passwords are a must, which means never reusing a password for multiple accounts, apps and platforms.
‘Using a password manager will help you keep on top of it all, while also storing your passwords securely.
‘While a strong and unique password is a good first line of defence, enabling two-factor authentication across your accounts helps provide an extra layer of protection for your privacy and identity.
‘Regularly monitor your accounts for any unfamiliar or unauthorised activity, such as attempted logins, messages sent from your account or transactions you didn’t make.
If there is something suspicious, report it immediately.
‘And keep an eye out for phishing attacks. This could be an email or text message that directs you to a fake site designed to steal your personal information – either by tricking you into providing it or by stealing it without your knowledge.
It’s always wise to keep a sceptical eye open for unsolicited messages that ask you for information in some form or other, often in ways that urge or pressure you into acting.’
Members of the public can click here to find out if their credentials featured on Genesis.
DailyMail