The dark web is a part of the internet that can’t be navigated with normal search engines. It isn’t indexed for search, and it requires a special browser to view. Not everything on the dark web is nefarious, but the greater degree of anonymity users enjoy, there means that lots of criminal activity happen on dark websites — including the buying and selling of stolen personal information.
But how do you even find out if your info is on the dark web, and what do you do if you discover that it is? You can check to see if your information has already found its way onto the dark web, but it’s safest to process as if your data has already been compromised — with data breaches happening left and right and affecting companies of all sizes, it’s really only a matter of time until it’s true, anyway. Take steps to protect your data, so you can avoid becoming the victim of cybercrime.
Assume that Your Information Is Already Compromised
There are plenty of services available to help you determine whether your personal information has been compromised in a data breach. Have I Been Pwned is a longstanding and popular option to check for your data on the dark web, but it’s not the only one. These tools can help you determine if your email address has been leaked to the dark web, as well as other, more sensitive information.
Whether or not you get confirmation that your data is on the dark web, you should proceed as if it already is. Perform regular malware scans on your computer and use a comprehensive antivirus solution with a firewall. Avoid accessing sensitive information, like financial accounts, on public wifi. Secure your home network. Check your financial accounts daily, and your credit reports regularly. That way, when scammers do get their hands on your personal info — and they eventually will — they won’t be able to do much with it, because you’ll be on your toes.
Use an ID Monitoring Service
An ID monitoring service can do a lot to protect you from dark web denizens. These services monitor the dark web for the appearance of your sensitive info, including email addresses, credit, and debit card numbers, other financial account numbers, Social Security numbers, and even your address. They’ll alert you if any of your sensitive financial info appears on the dark web, if your email is breached, or if you’re using passwords that have been compromised on the dark web. Then you can take appropriate steps, like changing passwords for compromised accounts, monitoring your financial accounts more carefully, or freezing your credit to prevent identity theft.
There are plenty of such services available, but the free ones don’t offer as many features, so they aren’t as useful. Buy a paid ID monitoring service, like this one available from Trend Micro: https://www.trendmicro.com/en_us/forHome/products/id-security.html
Get a Password Manager
Using a unique, strong password for each and every one of your online accounts is one of the single most effective things you can do to protect yourself from cybercrime and identity theft. Yes, we know that’s difficult because you have so many accounts. Some people have dozens of sets of login credentials for email, social media, financial accounts, and so on.
It might be easier to use the same password for everything, but that also makes it easier for cybercriminals to access all your personal accounts. And if your one password gets compromised, you’ll have to go and change them all anyway — but you’ll most likely miss at least one, which could leave you still vulnerable. Use a password manager like LastPass or KeePass not only to generate secure passwords for all your accounts but keep track of them, too.
The dark web isn’t entirely populated by criminals — a lot of dark web users are regular people who just want a truly anonymous online experience. But that doesn’t change the fact that stolen personal information is bought and sold on dark web forums every day. Take steps to protect yourself, so you don’t become a victim.
We used last pass and someone changed the password and put all our info on dark web. No response from last pass.