The Dark Web is not dissimilar to the regular internet that you are accustomed to using daily. The major difference is that it is only accessible by using a specific web browser called, Tor browser.
Without going into a bunch of technical details, the Tor browser is a completely anonymous way of accessing the internet due to the way it routes traffic across the web using its “Onion Routing” protocol. Also, all websites on the Tor network are a randomized string of numbers and letters that end in “.onion” instead of the usual top-level domain suffixes like “.com” or “.org”. For example, a Dark Web site only accessible from the Tor browser is nf9842n9tfjwh0.onion. (That’s not a real site that I’m aware of; I just mashed a bunch of buttons on my keyboard.)
Tor is not an inherently evil thing as you may have been persuaded to believe. For many people, the Dark Web is like an abandoned warehouse that everyone knows not to go into because bad things happen in there. However, Tor’s website states, “We believe everyone should be able to explore the internet with privacy. We are the Tor Project, a 501(c)3 US nonprofit. We advance human rights and defend your privacy online through free software and open networks.”
As benevolent as its creators and some of its users are, the Tor network isn’t called the Dark Web for nothing. Daniel Moore and Thomas Rid, researchers at King’s College in London, classified the contents of 2,723 live dark websites over a five-week period in 2015 and found that 57% hosted illicit material. This material ranges from the sales of drugs and counterfeit money to hacked credentials for banking accounts and streaming services. You can also find services offering to perform cybersecurity hacks like DDOS and botnet attacks all the way up to corporate and governmental espionage. The Dark Web is also home to scammers trying to steal money from the very people trying to purchase those illicit materials and services. As the saying goes, there is no honor among thieves.
As a side note, sometimes the term Deep Web is used interchangeably with Dark Web, but they are not the same. Deep Web refers to any web page that is not accessible by search engines, which basically means anything behind a login screen like your email or banking accounts.
Now that you know what the Dark Web is, let’s talk about what you can do if your information has gotten tangled in it.
WHAT DO I DO IF MY INFO IS ON THE DARK WEB?
As far as the actual information on the Dark Web is concerned, well, there really isn’t anything you can do about removing it. Although what you can do is focus on preventing anyone from using that info against you and covering yourself in case something does happen.
For our clients, we constantly scan the Dark Web for any information related to their company domains. When we get a hit, we immediately notify the user about what information we found, which can include passwords and Personally-Identifying Information (PII) such as Social Security Number, date of birth, and mother’s maiden name, and we assist them in changing those breached passwords.
Cybercriminals will purchase your information along with thousands of other people in bulk and use that information to access your accounts or to set up new accounts under your name. For example, if you were part of the MyFitnessPal.com breach, a cybercriminal will utilize software that will try the login credentials you used there (email and password) to gain access to your other accounts including your personal email, social media, banking, and shopping accounts.
A safeguard you can easily put into place is to not use the same or similar password across multiple systems. Make sure all of your logins are unique. The best way to manage that is by using a password manager. That way, you only have to remember one password and let the password manager handle the rest.
Another major safeguard to utilize is Two-Factor Authentication (also known as Multi-Factor Authentication) that utilizes a different medium to verify your identity, such as texting a code to your phone.
Beyond that, we recommend looking into identity protection services if your PII is available on the Dark Web. Those services can monitor for identity threats and automatically alert you if there is an issue. They will also work to resolve any ID theft issues that may come up and can even reimburse you for funds lost depending on the coverage you choose.
For more information, don’t hesitate to Contact Us today.