The building blocks for identify theft are for sale on the dark web, a hidden part of the internet that people access through special browsers such as Tor, I2p and Freenet.
Once there, scammers find their way to anonymous message boards, and markets for drugs, stolen financial data and other personal valuable information.
Almost everything’s for sale, and purchases are usually made with bitcoin, since the cryptocurrency is difficult to trace. You can get checking account information and stolen Social Security numbers. Even people’s medical records can be purchased for anywhere from a dollar to $60, depending on the amount of information you're seeking.
Why medical records? For starters, complete medical records generally contain a complete identity: name, date of birth, Social Security number and medical information. A detailed record can then be used to establish a fake identity, open a credit account, or it can be used to bill fraudulently for medical procedures, according to MIB Group, a nonprofit organization that offers underwriting services to insurance companies.