What’s A Stolen Credit Card Worth?

December 11th, 2013

The team at Dell SecureWorks (the security services division of Dell computing) has posted a very interesting bit of research on the economics of cybercrime, showing that the prices for some items and services have fallen as supply rises. Classic supply and demand at work.

But one segment of ill-gotten goods has remained steady: stolen credit card details.

When fraudsters skim or hack a cache of credit cards, they’ll often sort them based on the type of card, geography, credit limit, and how complete the card records are. These factors all influence how desirable the cards are for future profit potential. Then, they’ll sell them in bulk to other cybercriminals on underground forums to clone into counterfeit cards, which can be used to buy consumer goods to fence (like jewelry, luxury goods or electronics) or withdraw cash from ATMs.

Despite the significant purchasing power your credit card has, it costs the fraudsters surprisingly little. Have a look at the following chart from SecureWorks for an idea of the relative values of each credit card type:

Credit Cards and Their Value on the Cybercrime Black Market

Note: All credit cards sold with CVV codes (the three-digit identifier next to the signature strip).

Visa and MasterCard (US) $4
American Express (US) $7
Discover (US) $8
Visa and MasterCard (UK, Australia and Canada) $7-$8
American Express (UK, Australia and Canada) $12-$13
Discover (UK, Australia and Canada) $12
Visa and MasterCard (EU and Asia) $15
Discover and American Express (EU and Asia) $18
Credit Card with Track 1 and 2 Data (US) $12
Credit Card with Track 1 and 2 Data (UK, Australia and Canada) $19-$20
Credit Card with Track 1 and 2 Data (EU and Asia) $28

Note: Track 1 and 2 Data is information that is contained in digital format on the magnetic stripe embedded in the backside of the credit card. Some payment cards store data in chips embedded on the front side. The magnetic stripe or chip holds information such as the Primary Account Number, Expiration Date, Cardholder Name, plus other sensitive data for authentication and authorization.


For more information, visit Dell SecureWorks.

Leave a comment!

You must be logged in to post a comment.

Many businesses don’t prioritize disaster recovery. Improve your disaster preparedness with our FREE eBook.Learn More Here