Stolen account credentials: an empirical comparison of online dissemination on different platforms

Renushka Madarie, Stijn Ruiter, Wouter Steenbeek, Edward Kleemans

Research output: Contribution to JournalArticleAcademicpeer-review


Account hijacking, i.e. illegitimately accessing someone else’s personal online account, is on the rise and affects not only financial accounts, but the full spectrum of online accounts. To gain more insight in the illicit act of online dissemination of stolen account credentials, we systematically examined how such credentials were offered on three different types of online platforms where stolen credentials were disseminated and how offers varied by platform. We used web scrapes of these platforms for our comparative analyses. Our results demonstrate variation by platform in the type of information on accounts and account holders offered, the average asking price for credentials, and rules and services following a transaction. We conclude with policy implications and suggestions for future research based on the criminal event perspective.
Original languageEnglish
Pages (from-to)551-568
Number of pages18
Issue number5
Publication statusPublished - 13 Dec 2019


This work was supported by the Dutch Research Council (NWO) [Research Talent grant no. 406.17.562]. We thank the anonymous reviewers and editor for their helpful comments on an earlier draft and Lukas Norbutas for prematurely disclosing his dataset so we could analyse one additional platform.

FundersFunder number
Nederlandse Organisatie voor Wetenschappelijk Onderzoek406.17.562


    • Stolen account credentials
    • criminal event perspective
    • illicit online markets
    • web scrapes


    Dive into the research topics of 'Stolen account credentials: an empirical comparison of online dissemination on different platforms'. Together they form a unique fingerprint.

    Cite this