American computer security firm RSA has warned that cyber criminals are selling stolen credit cards for as little as £1 on the dark web.
The firm said crooks are on a "shopping spree" of their own and are looking to plunder people's financial credentials ahead of Black Friday.
It's just released new data on how hackers are stealing credit card credentials, and the cost for British credentials averages at around £9.
With this stolen financial information, fraudsters are able to make legitimate purchases online. In fact, they're spending up to £189 per transaction.
RSA's fraud and risk intelligence team spent a year analysing the dark web and other sources to get these statistics. They actively identify potential fraud campaigns.
The researchers calculated the average cost of credentials per country. In Ireland, this price is £7.63, and in the United States, it's currently £4.58.
Malta is one of the most expensive countries, with stolen credentials costing on average £10.99. Italy comes in at £8.96, with the price in Spain being £8.13.
The team also found that 0.3 per cent of all transactions are illegitimate, and around £202.56 is lost per hour. Shockingly, phishing attacks take place every 30 seconds.
Every day, the company adds 300,000 known fraud entities to its databases, and it claims the work it's doing stops $4,016,340 in fraud losses per month.
Tim Ayling, EMEA Director of fraud and risk intelligence at RSA Security, said: "With hundreds of thousands of UK card credentials available to buy on the dark web for less than £10, you can bet that cybercriminals and fraudsters will be on their own shopping spree.
"Major sales events like Black Friday have historically seen a huge number of compromised accounts being sold by hackers, used to make illegitimate purchases and siphon funds from virtual wallets.
He added that fraud detection solutions are crucial in combatting online crime. "In the past there has even been a dialing-down of proactive fraud detection on big shopping days like these.
"Merchants and card issuers were so insistent on allowing their transactions to flow through, they would often choose to allow more risky transactions to continue.
"This is slowly changing and anecdotal evidence suggests that both maturity in fraud prevention tools, as well as the scale of the fraud problem, are allowing the financial institutions to become more stringent on these days.
"However, shoppers must remain vigilant. Fraudsters are opportunists by their very nature, and many will see Black Friday as a golden opportunity, hiding amongst the spike in legitimate purchases."
Rashmi Knowles, EMEA field CTO at RSA Security said: "Stolen credentials continue to be one of the biggest reasons behind data loss and financial fraud, and it's vital that everyone is monitoring for suspicious activity across their bank accounts between now and Christmas.
"Online shoppers should enable two-factor authentication on popular accounts such as Amazon, to ensure any attempts to login from an unknown device will be unsuccessful.
"In general, users should never reuse a password or choose one that is so complex you can't remember it, and take time to educate themselves through initiatives like ActonFraud, which offers a number of helpful tools to keep consumers safe."
Banks, law firms and financial software suppliers in the UK, US and Russia targeted
Rolls-Royce chief digital officer Neil Crockett plans to use big data for efficiency and profit
Tackling security and global connectivity in logistics
AMD's Ryzen roadmap on track