Skip to main content

What websites do hackers target most?

5 minute read

    We live and work in a digital world. Modern conveniences like online shopping and mobile banking have made our lives easier in more ways than one. But as we continue to engage in our lives and businesses through digital platforms, we must guard against the cyber security threats that often come hand in hand. 

    In this article, we will help you understand some of the motives of cyber criminals, their top website targets, common information they like to steal and how to help prevent a hacker from obtaining your personal information.

    What kind of websites do hackers look to target?

    A hacker's main objective is usually to make money. Certain kinds of stolen data can get cybercriminals billions of dollars globally each year. They are constantly looking for websites with easily exploitable security gaps. And ideally, websites that hold valuable lists of data such as names, Social Security numbers and financial information. Here are a few of the most targeted kinds of websites:

    E-commerce websites

    Often hackers can find vulnerabilities within an e-commerce website, especially ones using common coding or shopping cart software. If hackers can find a vulnerability to exploit, they may be able to enter the site remotely, take control of the system and steal the credit card data of customers.

    Small businesses

    Sophisticated security systems are expensive to setup and maintain. For this reason, small businesses may not have the funds yet to invest in the same kind of security as that of larger companies. Hackers may be on the lookout for websites that do not have these systems in place.

    News outlets

    Some hackers just want to create news or stir controversy to manipulate public perceptions. If they can hack a news outlet and take stealth control of their system or steal insider information from journalists, they can cause a lot of unrest in society.

    What are some of the top industries that hackers target?

    There are five industries that are particularly valuable to hackers and therefore are highly targeted.


    Healthcare organizations can often hold many personal details about patients that can be sold as a commodity so hackers can make money. Or some criminals may try to hack their IT systems so there are denials of services or an injection of ransomware that has the potential to paralyze their entire system.


    Some government entities possess quite a bit of sensitive information about people including Social Security numbers, fingerprints, etc.

    Financial services

    Hackers often go after financial institutions because of the opportunity to gain access to personal financial information. Additionally, they may try to gain access to accounts such as credit cards or investment portfolios. Common attacks in this industry include ransomware, server outages and data breaches.


    Non-profits often use fundraising portals that are sources for big donor information, including credit card information that people use to make donations. Hackers may target these portals and steal the data.

    Online retailers

    When customers make a purchase on a website, they typically sign up for an account with a login. This includes email addresses, passwords and can also include credit card information, all of which can be a target for hackers.

    How do hackers find targets?

    Depending on whether a hacker is looking for information on individuals or large corporations, there are two common ways they get information about their targets: 

    • Dark web forums: These forums are often where a cyber-criminal will upload their stolen data and detail instructions for other criminals on how to hack a certain website or code. This is also generally where sensitive customer information is sold. 
    • Social media: Hackers can build a profile on someone simply by studying their public social media profiles. These profiles often include the person's name, workplace, names of relatives and friends, birthdate, etc. A common form of hacking includes the impersonation of someone they have profiled.

    What do hackers tend to look for?

    Hackers typically set their sights on anything that could be of value — especially passwords that access bank accounts. Others include:

    • Social Security numbers
    • Date of birth
    • Email addresses
    • Financial information
    • Phone numbers
    • Passwords
    • Credit card info
    • Crypto wallets

    What do hackers do with the data they steal?

    Stolen data is most commonly used to impersonate someone. If they have the right credentials, the hacker may try and apply for a credit card in the victim's name. They may file a Social Security, medical or unemployment claim. Some may even apply for a large personal loan with no intention of paying it back. It may take quite a long time before the victim and the lender realize this is happening. 

    Other fraudsters may use stolen data to log into a victim's accounts. Once they log in, they can transfer funds, make fraudulent purchases, open new accounts and much more.

    What can I do to prevent myself from getting hacked?

    When it comes to protecting sensitive information, there are some basic preventative measures you can take to protect yourself and your data: 

    • Use strong passwords and not the same one for every account (you can use a password generator app to ensure you have a strong one) 
    • Use two-factor authentication 
    • Regularly monitor account statements 
    • Do not leave your computer and devices unattended 
    • Do not shop online or manage your online finances using public Wi-Fi 
    • Don't click on suspicious emails 
    • Don't save your credit card data with online retailers, even when your account is behind a login and password 

    Another way you can protect yourself is to enroll in Chase Credit Journey®, a free online tool that offers both credit score monitoring as well as identity monitoring. Identity Monitoring Resources include: 

    • Dark web surveillance: Find out if your info is on suspicious websites. 
    • Data breach monitoring: Be notified if your data is exposed in a company's data breach. 
    • Social Security number (SSN) activity tracking: Keep track of names, aliases, and addresses associated with your Social Security number. 
    • Identity verification alerts: Know when a lender verifies your identity, such as when you apply for a loan.

    In conclusion

    When targeting sites to hack, cyber-criminals may be looking for highly sought-after data or data that they can sell easily. They may also be looking for security vulnerabilities in the site. To protect yourself, be proactive when it comes to identity monitoring and ensure your devices have security software in place.

    What to read next