Fraudsters are selling stolen credit card details over the Internet for as little as $1, according to a study conducted by security systems vendor Symantec which also found that other confidential information - including bank account data - is available for just $14.
Symantec's latest Internet Security Threat Report details the use by criminals of 'underground economy servers' to sell stolen personal data over the Web.
US-based credit cards with a card verification number were available for between $1 and $6, while personal identity details -including a US bank account, credit card and government issued identification number - were available for between $14 - $18.
Over half of the underground messageboards (51%) uncovered during the six month analysis were located in the US, says Symantec.
The research, which was conducted between July and December last year, also found that fraudsters are launching more coordinated attacks, combining phishing spam and malicious code such as Trojans in order to capture personal details.
Around 30% of the total spam sent in the six month period related to the financial services industry and included rising volumes of "pump-and-dump" spam mails. Overall an average of 904 phishing emails were sent per day, marking a six per cent increase over the first six months of 2006.
The study also found that more than half (54%) of all ID theft-related data breaches could be traced back to the theft or loss of a computer or other removable storage device.