In 2022, the exchange of compromised e-mail account details continued to proliferate on the dark web. All in all, more than 1.6 million warning messages were sent out in 2022. Most of these related to the dark web, where 1.5 million alerts were registered, compared with 106,000 alerts registered on the open web, as shown by the figures collated by the CRIF Cyber Observatory.

Credit card numbers are now ever more frequently available with CVV details and expiry dates
The largest increase in stolen information compared with the previous year involves credit cards (+10.5%) along with details of the CVV (the three-digit security code on the cards) and the expiry date. Hackers can use this information to steal cash or carry out transactions.

The risk associated with online games and online dating
Accounts associated with entertainment sites, particularly online games and online dating, are the type most seriously exposed to the theft of personal details (over 37% of all cases). Forums and websites (28.4%) are also badly affected, as are accounts on social media (25.7%).

Telephone numbers are increasingly valuable
Telephone numbers have become particularly valuable items of personal information, because they allow access to many platforms and apps that have introduced 2-factor authentication into their log-on procedure.

The most vulnerable details of all
Of all the different data categories attacked by hackers, the most vulnerable are the e-mail addresses of individual people and businesses (in 1st place), passwords (2nd place) and telephone numbers (3rd place) which mainly circulate on the dark web. In comparison with 2021, user names have receded to 5th place and have been overtaken by telephone numbers, as well as first names and family names (4th place).

It is even more interesting to take a look at those details that turn out to involve the most significant combinations: e-mails are very often associated with a password (in 90.5 % of all cases); passwords also very often turn up with user names (71.7 %). In the case of credit cards, we find that the CVV and expiry date are also very frequently present (in 98.1% of all cases).

The most frequently stolen passwords in Switzerland
According to an analysis of passwords found on the dark web, the most popular passwords in Switzerland are: Daniel, Sandra, Thomas, Snoopy and sunshine.

CRIF Cyber Observatory
CRIF Cyber Observatory investigates the vulnerability of individuals and businesses to cyber attacks on the open and dark webs; it also indicates which items of information are most exposed, what details can be found on the internet and where the traffic in data is most concentrated. This survey was carried out with reference to 2022.