A brief introduction to the dark web
Websites on the dark web are not indexed, which means that they don’t show up in standard search engine results. Instead, websites on the dark web live in a different part of the internet. Regular websites (like this one) are part of the surface web — anyone can search for and visit them.
The dark web is part of the deep web, which consists of all the web pages that don’t appear in standard search results. Whenever you log in to your email, online banking, or favorite streaming site, you’re accessing the deep web.
Within the deep web is the dark web (or darknet). To access the darknet, you need special software, such as the Tor Browser. The Tor Browser and similar tools route your internet traffic through a special encrypted network that anonymizes your data and lets you reach the dark web.
Privacy is the whole purpose of the dark web’s existence. Though there are many good reasons to want to browse privately during normal, surface-web activities, the anonymity provided by the dark web also creates a welcoming environment for illegal activity.
How might my information end up on the dark web?
How would your email be found on the dark web if you’ve never actually been there yourself? In many cases, it’s a hacker. Hackers are often looking for credit card numbers, CVV codes, or social security numbers.
Sometimes it’s as simple as sending a phishing email to the right company employee, while other hackers might pose as technical support staff to install malware on their target’s computer. Many hackers target data brokers, which are companies that collect personal data and sell it for marketing and advertising use.
Once a hacker has the information they’re looking for, they often upload it for sale on the dark web. And that’s how your username and password could end up on the darknet, along with 1.4 billion others.
In 2019, the bank Capital One was hit by a data breach that compromised the personal data of over 100 million people. The attack was traced back to a hacker who’d been boasting in online channels about their heist. As a direct result of their gloating, the hacker was arrested.
What is a dark web scan?
A dark web scan checks the dark web for your information among lists of stolen data, usually from data breaches. If your data is found on one of these sites, you’ll be alerted and can then take the necessary next steps.
No dark web scan can cover the full amount of stolen information residing on the dark web, because some of it is traded privately or available only on private websites. But if you think your data or personal information has been compromised, a dark web scan can certainly help find out.
Avast BreachGuard automatically scans the dark web, searching for any of your passwords or credentials that might have leaked, and it will notify you immediately if anything is found. Plus, BreachGuard will help to prevent data brokers from storing and selling your data, further safeguarding your personal information.
What does a dark web scan do?
To conduct a dark web scan, you must first provide your personal data to the company performing the scan so that they can try to find it on the dark web. The company then scans all the lists of stolen data, also known as data dumps, that they can access on the dark web. These lists may contain information about millions of people, and they’ll be posted for sale on various dark web marketplaces.
It’s impossible for a single dark web scan to cover the entirety of the dark web, so most scans focus on the most popular dark web marketplaces that aren’t protected with additional privacy safeguards.
If one dark web scan is not enough, you can also use a service called dark web monitoring. Dark web monitoring uses crawlers and scrapers to constantly search through compromised data for signs of your personal information.
Dark web scans search through leaked databases to see if your information is there.
What are dark web scanners looking for?
The easiest way to find out if your information is on the dark web is by providing your email address to a dark web scanning service. The scanning service will perform a dark web email scan to see if your address is listed with any of your passwords.
Although your email address and passwords are the golden keys to a lot of sensitive information, identity thieves are also interested in social security numbers, credit card numbers, and banking information. Dark web scans can search for this information as well, alerting you if they appear for sale on any dark web credit-card and banking-data lists.
How to find out if my information is on the dark web
Although you may be tempted to dive into the dark web to look for your data, this process is usually best left to professionals who know how to do a dark web scan.
No dark web scanning service, or dark web monitoring service, can cover all the possible places where your data could wind up, but it will still cover a significant portion and could possibly locate your data on the dark web.
Is dark web scanning free?
There are both free and paid options for dark web scans. Some companies offer a free dark web scan for first-time users, but then charge for follow-up scans or continuous dark web monitoring services. Without knowing which data lists a company can access, it’s hard to know if a particular paid scan is better than a free scan.
The free Avast Hack Check tool searches the dark web to see if any passwords associated with your email address have been exposed. If any are found, you’ll get a report set to your email address, letting you know which accounts were compromised so that you can take action immediately.
If you want 24/7 dark web monitoring, Avast BreachGuard continuously checks in real time to see if any of your data has leaked while also monitoring for new data breaches.
Plus, BreachGuard automatically sends removal requests to data brokers to keep your information out of their databases. And if any of your data does turn up in a leak, we’ll help you secure your info against future breaches with new, stronger passwords.
When dark web scanning might be useful
If you think you’ve been affected by a recent data breach, it’s time to scan the dark web to see if your information is available for sale.
In 2013, Adobe reported that hackers had gained access to at least 38 million usernames and encrypted passwords. If you were an Adobe subscriber in 2013, it would have been a great time to sign up for a dark web scan to see if your information had been stolen and exposed.
Data breaches have grown more frequent in recent years. Here are a few examples of other large companies that have been victims of cyberattacks:
-
Equifax, a credit bureau, was hacked in 2017. The beach affected 143 million people, with credit card numbers, social security numbers, and personal documents among the stolen information.
-
Quora, a question and answer site, was hacked in 2018. The attack compromised the email addresses and passwords of 100 million people.
-
Starwood, a hotel chain, was also hacked in 2018. Passport numbers, birthdays, addresses, and accommodation info for 500 million people were stolen.
-
EasyJet, a budget airline, was hacked in 2020. The breach exposed the email addresses and travel plans of 9 million people.
With a real time data breach alert, you might still have enough time to quickly change your passwords to prevent anyone from accessing your accounts.
The limitations of dark web scanning
You may think of a dark web scan as web crawlers or data scanners covering every corner of the dark web. In reality, the scope is much more limited.
Dark web scans usually look for your data in the large data dumps that appear after a company has been hacked. In addition to these data dumps, dark web scans and monitoring services also crawl blogs, chat forums, and peer-to-peer file-sharing networks.
Data dumps are commonly traded in dark web marketplaces. Until it was shut down in 2013, the Silk Road was the most infamous dark web marketplace. Although most people associate the Silk Road with drugs and weapons, it was also a place to buy stolen data in bulk.
In the wake of the Silk Road’s disappearance, several other dark web marketplaces have popped up to meet demand, offering stolen data for sale, among other illegal items.
Scanners can't cover the whole dark web
Dark web scanners can crawl publicly available portions of the dark web, but there will always be channels of communication they can’t access, such as private transactions and lesser-known websites.
Dark web sites are also unpredictable by nature. New ones pop up overnight and disappear just as quickly, which makes monitoring them difficult. In addition, there is the vastness of the internet to consider. It’s unrealistic to expect a scan to cover all the data across the entire web.
A single dark web scan also covers only a single point in time, on a single day. Something could appear afterward, and unless you were to conduct another scan, you’d have no idea. That’s why you need a dark web monitoring service like Avast BreachGuard, which constantly scans the dark web for any signs of your personal info.
Avast BreachGuard monitors the dark web in real time for any traces of your personal data.
If the scanner returns a result, your data has already been stolen
Dark web scans don’t prevent hackers from stealing your data. If a dark web scan finds your personal information, it means that your data has already been stolen. Also, a dark web scan cannot remove your data from the dark web — it can simply alert you that it’s there.
Dark web scans sound like they uncover only bad news, it’s still helpful to know if your data has been compromised. Once you know, you can immediately take steps to prevent further damage, like changing your login information or even freezing your credit.
What are the alternatives to dark web scanning?
An alternative approach to using dark web scans and monitoring is to accept that your personal data is already compromised and available for purchase somewhere on the dark web. Once you accept that this has probably already happened, or is likely to happen, you can focus on preventive measures.
One effective preventative method is using a multi-factor authentication system. This means that when you’re logging in somewhere, such as your email or banking accounts, you must confirm your identity in more than one place to gain access.
For example, if you’re using a laptop to log in in to your online banking, you may also have to enter a security code that’s sent to your phone via SMS. This extra layer of security provides a roadblock to any hackers trying to gain access to your accounts.
What to do if you think your information is on the dark web
Getting an alert from a dark web scan or monitoring service letting you know that your data has been compromised can leave you feeling uncertain and exposed. But there are follow up steps you can take to mitigate the damage. Here’s what to do if your information is on the dark web:
Change your passwords
Change any passwords associated with the stolen data. And, while you’re updating your passwords, you should think about password hygiene in general.
Have you used the same password on multiple websites? Is it a strong password or just another variation on your pet’s name combined with your birth year?
Strong and unique passwords can limit the damage to just one site. If one account is compromised, hackers won’t be able to use that password to log in anywhere else.
A password manager generates strong and unique passwords for each site that you use, and it stores them so you can automatically log in. If you’d rather just get a little help creating strong passwords, using a service like Avast’s random password generator will automatically generate strong passwords for you.
Report evidence of identity theft
Have you noticed any suspicious transactions on your financial statements? Have you received a login notification from a device that isn’t yours? These are just two of the potential warning signs of identity theft.
Identity theft is widespread, with more than 14 million people reporting identity theft in 2018 alone. After buying your data on the dark web, a cybercriminal can use it to commit identity theft.
Monitor your credit reports to see if anyone has opened credit cards or taken out loans in your name. Learn how to report identity theft so that you can disclose any suspicious activity you see in your credit reports.
After you’ve learned how to report it, it’s just as important to understand how to prevent identity theft. Tighten up your privacy online and strengthen your security measures so that you’re not an easy target.
Close accounts you suspect might be threatened
If a dark web scan finds your email and password on the dark web, close any accounts where you’ve used this login combination to prevent hackers from gaining access to additional information.
Rarely used accounts are great access points for hackers, because if you’re not logging in regularly, you’re less likely to notice any fraudulent activity.
If you’re a repeat-password offender with unused accounts scattered around the internet, closing them can reduce entry points for any hackers who may already have your login information.
Freeze your credit
Freezing your credit will prevent anyone from opening a new credit card or taking out any loans in your name. In the US, it’s free to freeze your credit and you can do it online, but you’ll need to do it with all three credit bureaus: Experian, Equifax, and TransUnion.
Get automatic alerts any time your password is stolen
Keeping up with online security isn’t easy. So much of our personal information is now stored and shared online, and security is no longer as simple as shredding sensitive documents. There are strong passwords to create, credit reports to monitor, and multi-factor authentication steps to set up.
Avast can help ease the burden with BreachGuard, which offers dark web monitoring and password-strengthening features. Avast BreachGuard monitors the dark web for your data 24/7 and will alert you any time your password is stolen. BreachGuard can also help you create strong and unique passwords, as well as help you adjust the privacy settings across your online accounts.
Data breaches have become a regular threat. And the best way to stay protected is to use a monitoring service to alert you to new incidents and offer help if you’re ever affected.