Few things cause anxiety like finding out that your personal details have been exposed in a data breach and may be available on the dark web. Knowing what to do if your information is on the dark web is the first step in protecting yourself from potentially devastating fraud and identity theft.
Keep reading to learn about the risks, how to spot suspicious activity and how to stay safe when your information is compromised on the dark web.
What is the dark web?
The dark web is a network of hidden websites and other services that require specialized software to access. Much of the material found on the dark web is encrypted or otherwise protected. None of it is visible without access to Tor, a specialized browser and software that ensures anonymity by hiding the user's location and IP address.
Be aware that we’re not talking about the “deep web.” The deep web is the part of the internet that houses emails, academic sites, research journals, media archives, private databases and other things that search engines don’t index. The deep web contains the dark web, but the deep web also accounts for 90% of all web content.
What is the dark web used for?
The dark web is primarily used by people who want to have anonymity online. It was initially created for political activists and dissidents to communicate while living under oppressive governments. Some people still use the dark web for this intended purpose.
Recently, however, it’s become more commonly used by cybercriminals and others engaged in illegal activity who are looking to obscure their identities.
What is on the dark web?
When people use the dark web to commit crimes, they may be doing so to purchase or sell several different types of goods or services. Some of the most commonly available on the dark web are:
- Stolen credit card or banking information
- Drugs, including prescription drugs and illegal drugs like cocaine and heroin
- Counterfeit money, including American dollars and Euros
- Hacked accounts, from software licenses to social media
- Guns and other weapons, including mines, grenades and larger assault weapons
- Stolen government data, including driver’s license or passport information and tax account numbers
- Medical records
- Fake IDs
- Pirated software and media
How to find out if your information is on the dark web
All 50 states currently have some form of data breach notification legislation on the books, detailing how businesses or governments must inform those affected. Banks, credit card companies, lenders and online marketplaces now publicly disclose data breaches.
Your first indication that your information is on the dark web might very well be when one of these institutions alerts you that your information was compromised in a data breach. Or you may have noticed strange activity on your credit card or Amazon account. You might also have gotten notifications about online banking transactions that you didn’t initiate.
If you’re interested in more active defense, consider a dark web monitoring service. These services, some of which are free, will scan known data breaches for any mention of your name, identifying characteristics and sensitive information that may have been exposed. Many of the best credit monitoring services also offer dark web monitoring.
What to Do if Your Information Is on the Dark Web
Even the best identity theft protection can’t prevent every data leak. A monitoring service will notify you if your social security number, credit card number or other sensitive information has appeared on the dark web. However, it can’t stop hacks from happening.
If you think you're the victim of a data breach — for example, if there's a string of unauthorized purchases using your credit card — you should act right away.
If your information ends up on the dark web, here are some steps you can take.
1. Scan for viruses, malware and other tools hackers might use to compromise your data
Make sure your antivirus protection is up to date and perform thorough security scans on all your devices. If you find trojans, viruses, keyloggers or other forms of malware, take steps to isolate the device by turning on airplane mode or manually turning off networking and Bluetooth. Once you’ve disabled the malware's ability to infect other devices, you can then attempt to remove the malware.
In most cases, the antivirus program that detected the threat should be sufficient to remove it. However, you may need professional help depending on the infected device and the type of malware.
2. Update passwords and make them strong
Review your logins for every bank account, email account and online service you use to see if anything has changed without your knowledge. Make sure you follow password best practices:
- Use upper and lower case letters, numbers and special punctuation marks.
- Never use names, birthdates or other personal details that hackers can guess based on publicly available information.
- Use a different password for all your online accounts.
If you have trouble remembering multiple passwords, consider a password manager like those built into many web browsers.
3. Review your credit report, notify the credit bureaus and report unauthorized use of your credit card numbers
Carefully review your credit report, making note of any recent changes to your credit score. You can request free credit reports directly from the three main credit reporting bureaus — Equifax, Experian and TransUnion — or from AnnualCreditReport.com, a service run by the federal government. An unexpected drop in your credit score can indicate illegal activity, fraud or identity theft. You should take any unexpected change seriously, even if it doesn’t trigger an automated fraud alert.
If you find unauthorized activity on your credit cards, new accounts in your name or other financial transactions you weren't aware of, learn how to report identity theft. The first step is to notify Equifax, Experian and TransUnion.
Report any unauthorized accounts, and ask the credit bureaus to remove fraudulent items from your credit report. They can also offer further assistance, such as enabling two-factor authentication before they release your credit records. Learn more about two-factor authentication below.
4. Ask the credit bureaus to freeze your credit
Tracking your credit card activity is essential after a suspected cybersecurity incident. Credit card numbers are one of the most common targets of cyberattacks. Scams racking up many small, fraudulent charges over a short period are common and often go undetected.
If you notice any such activity, contact the three credit bureaus (TransUnion, Equifax and Experin), to have any credit activity in your name frozen. This prevents anyone from opening new accounts or taking out loans in your name.
You’ll have to lift the credit freeze before applying for new credit cards or other activity that would result in a hard credit check. Still, it’s worth the peace of mind.
5. Use multi-factor authentication
The next step to take is to enable multi-factor authentication (MFA) for your online banking and other high-risk accounts that have your personal information. MFA requires you to first log in with your password and then provide secondary information on a separate device associated with the account. You can complete this secondary authentication via a text message sent to your mobile phone or an authentication code provided by a third-party app such as Google Authenticator.
Using MFA helps ensure that even if someone has found your usernames and passwords on the dark web, they won’t be able to access your accounts.
6. Be extra vigilant with email and social media
Cybercrime, such as phishing, is on the rise. Phishing is an attempt to trick you into providing sensitive information via email by misrepresenting who an email is from. An email may appear to be from a colleague or supervisor asking for personal information or help, but it's actually from a cybercriminal hoping to steal your data.
In some cases, cybercriminals may already have some of your information but still need your address or phone number to access your accounts. Most cyberattacks rely on multiple scams, including phishing and other forms of manipulation, to uncover the data they need.
Don't reply to emails or open links sent by email addresses you don't know. It’s also best not to share too much personal information online.
Be especially careful with social media apps. Many apps are home to scamming activity, such as WhatsApp scams, when criminals pose as a family member or friend calling from a new, unknown phone number and claim to have an emergency.
How to Find Out if My Information Is on the Dark Web FAQ
How do you do a dark web scan?
A dark web scan indexes collections of stolen data and compares them to your established identity profile to see if your information has been compromised. It requires specialized skills and software, so you'll probably need professional help.Look for an IT security or identity protection agency to carry out a dark web scan on your behalf. Remember that dark web scans are complicated, even for companies specializing in them.
It's impossible to search the entire dark web for your information because it's designed to hide what's stored within it. The most that a typical scan can do is determine the date your data may have been exposed. Still, there's always the chance that more of your data is out there than can be detected.
Can you remove your information from the dark web?
Once your information is on the dark web, removing it can be difficult, or even impossible. Dark web repositories of stolen personal data generally operate in support of criminal activity. Even if you could get in touch with an administrator, they likely would ignore your message.Even if you could remove your information from one dark web location, there is no guarantee that it hasn't been copied or posted on other sites. Instead of removing information that has been compromised, focus on changing passwords, notifying your credit card companies and ensuring the stolen data becomes irrelevant.
How did my information get on the dark web?
Learning that your information has been stolen in a data breach can be shocking. Still, it can be somewhat reassuring to know that the thieves probably didn't target your data in particular, but rather stole thousands of records at once.
The most common way personal data gets stolen is through data breaches at banks, credit card processing companies and online retailers. Even government agencies can fall victim to cybercriminals.Other risks include using public Wi-Fi for banking transactions or throwing away sensitive documents. To stay secure, always use a virtual private network (VPN) — a service that isolates and encrypts your internet connection — or a private Wi-Fi network you trust. To avoid leaving a paper trail, invest in a paper shredder.
What if my SSN is on the dark web?
Summary of Money’s What to Do if Your Information Is Found on the Dark Web
Having your data exposed on the dark web can be dangerous, but there are some steps you can take to stay safe. Sign up for a credit or identity theft monitoring service, thoroughly check your credit card statements and carefully investigate any unknown or unrecognized activity.
Though you should make security a regular part of your online routine, it's especially important after your information is exposed. Use strong passwords, enable two-factor authentication and monitor your credit reports. If your information has been stolen, consider freezing your credit to prevent someone from opening new accounts in your name.
Taking the proper steps can minimize your risk of identity theft. The best way to protect yourself is to stay informed about the latest security threats and to monitor your accounts regularly for any suspicious activity. Be vigilant, and you can reduce your chances of becoming a victim of identity theft.