The Dark Web has been around for more than 20 years. This hidden part of the internet is a haven for hackers because of its anonymity. It’s the perfect marketplace for cybercriminals looking to sell or buy stolen passwords, Social Security numbers and other sensitive information.
Criminal activities on the Dark Web have contributed to alarming cybercriminal statistics across the globe. Use these tips and insights to help protect personal information and data for your business accounts.
Display Our Cybersecurity Tips for Employees Infographic in Your Office!
How to Know if My Information is On the Dark Web
First things first, you need to determine if your personal or company’s email, passwords, credit card numbers or other sensitive data is on the Dark Web. Thankfully, there are ways to find out without having to venture into the darkness yourself or scour nefarious search engines.
A Dark Web scan or monitoring service will look for your data on key Dark Web services in real time. They’ll report back to you on what they found, if anything.
Elevity offers free Dark Web scans for individuals and businesses. It’s super easy to get it done. Just sign up here.
Note that a Dark Web scan does NOT automatically remove your compromised information from the Dark Web. It simply alerts you that the information is out there. There is no Dark Web manager to call to request its removal; it’s up to you to take action from there.
RELATED ARTICLE: Is Outdated Business Technology a Security Risk?
What to Do if Information is On Dark Web
So your scan revealed that some of your private information has made its way to the Dark Web. Time for damage control.
Change your passwords. Create new passwords for your email and any compromised accounts. And make sure you’re not using your old, stolen password; it’s also a good idea to change your security questions for the compromised account.
Alert the appropriate people depending on what has been stolen:
For businesses, start by alerting your IT department or technology services provider to take corrective actions. Then…
- For credit card or bank account numbers, contact your credit card issuer or lender. They will help you close the compromised account and open a new one. You may also want to issue a credit freeze until the issues are resolved.
- For driver’s license or passports, contact your Department of Motor Vehicles or the U.S. State Department, respectively.
- For Social Security numbers, report it to the Social Security Administration and the Internal Revenue Service right away.
How to Get Email Off Dark Web
Did your Dark Web scan show your email address is for sale? You’re probably thinking: “It’s just my email address and lots of people already know it. Why worry?” Actually, it’s a big deal for three reasons.
- If a hacker knows your email address, it’s that much easier for them to break into your account and snoop on the sensitive data within.
- A hacker can spoof your email account, tricking others into thinking they’re receiving messages from you.
- Many people use their email address as their user ID for logging into online accounts. Armed with your email address, a hacker can crack your logins and start messing around in your accounts.
If your email address is your user ID for any online accounts, change your ID and passwords right away. And if you notice spoofed emails coming from your address, alert your email provider or IT department.
If ANY of your personal or business information appears on the Dark Web – even something as seemingly harmless as an email account – always take it seriously.
Tips to Keep Your Business Data Off the Dark Web
It’s a lot easier and less stressful to not have your data stolen in the first place. Taking these precautions can help you keep sensitive data out of the hands of hackers and off the Dark Web.
Avoid public or unsecured Wi-Fi. These networks are dangerous because there’s nothing stopping a hacker from breaking into them. A bad guy can easily see what sites your employees are visiting and what login credentials are used to access accounts.
Use a password manager. Every one of your business accounts should have a unique, complex password. A free password manager stores all of those passwords for you so you don’t have to remember them all. It’s a simple, streamlined way to protect your passwords and the accounts they access.
Use two-factor authentication. Always. This simple additional step between entering your login credentials and getting into your accounts typically involves entering a code texted to your phone or using your fingerprint. Enabling two-factor authentication means a password alone isn’t enough to access your account, so even if a password falls into the wrong hands, a bad guy can’t get in.
Make a garbage email account. Create a separate email address you can use for logging in to unimportant accounts. If one of these less important sites experiences a data breach, your primary email won’t be the one floating around on the Dark Web. You can simply scrap your secondary account and make a new one.
Monitor your credit. Don’t wait to find out about a data breach on the news. Regularly checking your credit reports with credit bureaus can tip you off to identify theft early before the damage becomes too severe.
Regularly monitoring your accounts for potential Dark Web activity is a cybersecurity best practice that shouldn’t be put on the backburner. To get an idea of how your business is doing overall when it comes to online security, take our free, online Cybersecurity Risk Assessment. Answer 15 questions to see your results. Once you’re done, reach out to us to learn how to improve your score.
At Elevity, we leverage the latest cybersecurity technology and use a step-by-step plan to mitigate and respond to risks. Let us help your organization take the necessary steps to secure your systems. Contact us today.
