Uber accounts more valuable to thieves than credit card info, report finds

Uber accounts more valuable to thieves than credit card info, report finds


Estimated read time: 2-3 minutes

This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.

SALT LAKE CITY — Forget about credit card numbers. When it comes to identity theft, Uber, Netflix and PayPal accounts are the hottest commodities these days.

That's according to a new report by security company Trend Micro that found Uber account information fetches a higher price — on average, about $3.78 per account — on the underground market known as the "deep Web" than personal information like Social Security numbers and birthdates.

Using the stolen account information, thieves can set up a fake Uber driver account and collect money for rides that never actually took place, CNBC reports.

"It's an incredible underground ecosystem," Ed Cabrera, Trend Micro's VP of cybersecurity strategy, told CNBC. "There is a high level of competition for these criminal buyers and there are a lot of different types of forums. It's incredibly diverse but incredibly mature."

Part of the reason these accounts are so valuable is that they're difficult to detect. When a credit card is stolen, consumers often receive fraud alerts quickly, which allows credit card companies and banks to shut down the accounts. But when a Uber account is hacked, it's not so simple.

"If a user suddenly takes a cross-country ride versus following their usual movements, that should spark an alert," analyst Andras Cser told CNBC. "On the other hand, that's incredibly hard; maybe I am traveling, or my wife is using my account."

Uber is aware of the problem and has taken steps to protect its users by bringing in teams to look out for potentially fraudulent activity. CNBC reports the company is testing a two-step authentication process requiring users to provide more detailed credentials when logging into an account from an unknown device.

But the fact remains that those stealing the information know what they're doing, and it's up to the consumer to be cautious.

"They are doing their own market research on where they can find the data that's most valuable in the criminal underground and they develop their attacks accordingly," Cabrera said.

Cybersecurity can prove difficult, seeing as how many people tend to use the same password for multiple accounts. Experts advise users to take additional measures to heighten security when it comes to online accounts.

Some easy ways to do that include installing up-to-date security software on personal computers and smartphones, using strong passwords and avoiding the same password on multiple accounts, monitoring your credit scores often and staying educated on the latest scams, according to Webroot.com.

Jessica Ivins


    Catch up on the top news and features from KSL.com, sent weekly.
    By subscribing, you acknowledge and agree to KSL.com's Terms of Use and Privacy Policy.

    KSL Weather Forecast