According to recent research from NordVPN, prices for stolen payment cards on dark-web marketplaces rose in most countries. While the global average still sits around $8, some markets jumped by as much as 444%.
Many assume cybercrime happens to someone else, yet stolen payment card details change hands on these markets every day. It’s rarely just a card number: listings often include names, addresses, emails, and other details that help criminals pass fraud checks and impersonate real customers.
“Even with prices rising, card data remains cheap enough for entry-level criminals,” says Adrianus Warmenhoven, cybersecurity expert at NordVPN.
“On major marketplaces, a single stolen card often costs about the price of a movie ticket. Cards are frequently sold in bulk, stay valid for long periods, and can be cashed out locally — so for a few dollars criminals choose between a night at the cinema or a ready-made route to fraud, account takeovers, and outright cashing of someone else’s money.”
From $1 to $23: the forces behind dark-web card pricing
Compared with other countries, Americans are the most affected by payment-card scammers. More than 60% of payment cards belonged to U.S. users. Singapore is second at about 11%, and Spain is third at around 10%.
However, high prevalence doesn’t equal low price. Stolen U.S. cards sit near the middle of the dark-web range at $11.51. While the most expensive listings come from Japan at roughly $23. Cards from Kazakhstan, Guam, and Mozambique go for roughly $16. At the low end, cards from the Republic of the Congo, Barbados and Georgia can sell for around $1.
Globally, most stolen payment cards cluster around $9. In Europe, Spain tops the list at $11.68, followed by France ($11.07) and Switzerland ($11.96). In Asia, Japan leads by far with cards averaging $22.80, followed by Kazakhstan ($16.87) and Thailand ($15.08). In North and Central America, El Salvador stands out with $15.80, followed by the United States ($11.51) and Canada ($5.88). In South America, Colombia’s cards reach $14.52, followed closely by Chile ($12.52). In Africa, Mozambique leads with $16.38, while Morocco follows at $11.95. In Oceania, New Zealand tops the region at $13.39, outpacing Australia ($9.11).
Indian payment cards cost 7.92 dollars, while Chinese payment cards cost 7.99 dollars. This marks a 134% increase from 2023, when a payment card cost 3.40 dollars.
Why prices spiked: supply, demand, and stricter anti-fraud controls
Our analysis shows that over the past two years, prices for stolen data have risen significantly. The largest increase was in New Zealand (more than 444%), followed by Argentina (368%) and Poland (221%), while France saw a modest rise of just 18%.
Pricing on the dark web mostly follows simple supply and demand. Criminals pay more for cards from countries where supply is low and anti-fraud controls are strict, such as Japan. In markets with abundant data like the U.S. or Spain, cards are cheaper and often sold in bundles, which lowers the price per card.
“The strength of law enforcement and political stability also shape risk and price — where ‘risk’ refers to how advanced issuers are at detecting fraud and how quickly they respond,” says Adrianus Warmenhoven. “Cards with longer expiration dates command a premium: about 87% of the cards we observed remain usable for more than 12 months, which makes them easier to resell.”
Carding: How criminals turn stolen cards into cash
Millions of cards are listed on the dark web, but the money is made in what happens next — the cash-out, a process usually called carding. Stealing or buying card data is just the start; the real skill is validating, monetizing, and laundering that data so that it turns into actual profit.
Carding runs like an industrial supply chain. Different actors play specific roles: “harvesters” source or steal data, “validators” run bots that check thousands of cards per hour, and “cash-outers” convert validated cards into gift codes, goods, crypto, or cold cash.
“The crucial step in carding is validation,” says Adrianus Warmenhoven. “Cybercriminals use bots to run tiny test charges or authorization attempts to see which cards work. Sometimes they use small payment providers or merchant sites they control to spread attempts and hide failures. Once a card is validated, it can be used to withdraw cash from ATMs, buy gift cards or vouchers, or purchase travel and accommodation that can later be resold. Monetization and laundering are tightly coupled — multiple steps are used to obscure the origin of funds.”
Easy tips on how to stay safe:
Adrianus Warmenhowen from NordVPN shares a series of steps people can take to protect themselves:
● Monitor your statements regularly. Review your bank and card activity at least weekly and turn on real-time transaction alerts to catch unfamiliar charges early and dispute them quickly.
● Use strong passwords. Secure accounts with complex and unique passwords, especially in e-shops where you save personal data, such as your home address and payment details.
● Don’t save passwords and payment data in your browser. If malware infects your computer, it can access your browser’s local password storage and steal autofill information, such as passwords, addresses, and payment card details.
● Enable multi-factor authentication (MFA). Add an extra layer of security with codes, devices, or biometrics.
● Monitor the dark web. Tools like NordVPN’s Dark Web Monitor can alert you if information associated with your email addresses are found on the dark web, while Dark Web Monitor Pro allows you to add credit card numbers for continuous monitoring and instant alerts too.
Methodology: The research was conducted by NordStellar, a threat exposure management platform created by the team behind NordVPN. NordStellar researchers analyzed stolen payment card data being sold on dark web marketplaces. The dataset, collected in May 2025, included a total of 50,705 card records.
Please note: No individual payment card details or user credentials were accessed or purchased during this study. The researchers analyzed only the metadata provided in stolen data listings on dark web marketplaces.
For more information visit nordvpn.com.
