Account hijacking, i.e. illegitimately accessing someone else’s personal online account, is on the rise and affects not only financial accounts, but the full spectrum of online accounts. To gain more insight in the illicit act of online dissemination of stolen account credentials, we systematically examined how such credentials were offered on three different types of online platforms where stolen credentials were disseminated and how offers varied by platform. We used web scrapes of these platforms for our comparative analyses. Our results demonstrate variation by platform in the type of information on accounts and account holders offered, the average asking price for credentials, and rules and services following a transaction. We conclude with policy implications and suggestions for future research based on the criminal event perspective.