With data theft and cybercrime becoming a sadly common occurrence the term dark web has entered the public lexicon. The dark web calls to mind something out of classic sci-fi and cyberpunk literature and popular entertainment. However, despite this fantastical image, the real dark web is much more mundane but still something to take seriously.
Part of what makes the dark web dangerous from a business and consumer viewpoint is that it's where stolen information (such as account logins) ends up being listed and sold. This allows cybercriminals access to customer accounts as if they were the user themselves via an account takeover. With more and more data ending up on the dark web the need for dark web monitoring services has become more important. Part of defending your business from dark web related criminal activities is greater awareness about what it is.
Dark Web Vs Deep Web
One common area of confusion is overstating what the dark web actually is. Only, 10% of the internet is considered surface level material meaning you can easily find it via a search engine such as Google. Still this 10% constitutes billions for web pages and makes up a majority of most people's internet use the remaining 90% is considered the deep web.
The deep web refers to any information you can’t find with a search engine and in many cases, such information requires login credentials to even access it. This does not mean that 90% of the internet is filled with illegal or criminal activity. Much of the deep web is personal servers, forums, company intranets, databases, and even email platforms. Much of it is perfectly mundane information that unless you had a reason to access it you wouldn’t be concerned with it.
The Dark Web is a much smaller subcategory of the Deep Web, much harder to access, and does contain criminal activity. The scope of criminal activity on the dark web varies with much of it being common crimes such as drug sales, stolen goods, digital piracy, fraud, and information theft. The sale of stolen information is especially important to your business as data breaches can lead to illegal account access.
Account Takeovers And The Dark Web
Cybercriminals have several different methods of accessing user information illegally for the purposes of theft and fraud. Such methods can include phishing, data breaches, and account takeovers with each involving different methods and approaches to the act. Phishing, for example, involves misrepresenting oneself as representing a company or government entity so that a customer hands over their personal information willingly. Data breaches involve illegally accessing databases, and account takeovers involve logging into customer accounts using stolen login credentials.
Account takeovers are an especially insidious form information theft as they don’t involve bypassing security and a criminal simply logs into a customer's account using their legitimate login information. Where the dark web comes in is in the acquisition of this information as many of the people performing account takeovers are not the same ones who stole the information in the first place. Such information thieves steal login information from companies and sell these username lists on the dark web for a fee.
These username lists are why dark web monitoring services are so important to keep your customers safe. Also, you don’t need to have your company’s information stolen to be a victim of account takeovers. Many people reuse password and usernames and a data breach at a completely unrelated company could lead to your customers being compromised. Monitoring keeps you informed of when this information is leaked that matches your login database no matter what the source allowing you time to respond.
Cybercrime is an issue that is very unlikely to go away as the internet has become a more and more ingrained part of people’s daily lives. What can be controlled is how you respond to cybercrime and the steps you take to protect your business and customer from it. By tracking the availability of customer account information on the dark web you can respond to this by changing customer login information keeping customers safe and preventing account takeovers.
Featured Image: Shutterstock