What is the Dark Web?
Imagine the Dark Web to be like an unlit, hidden alley. You cannot see the face of anyone when you peek inside; transactions are happening between unseen people that are moving freely, anonymously, and without a trace.

Nothing is tracked by search engines like Google or Bing, encryption hides identities, and to get into these secret areas, you need special software. Like that dark alley, this is where dishonest behavior can thrive. If your information and identity are being exchanged on the Dark Web, you need to know so you can act quickly to keep yourself protected.

Why is the Dark Web dangerous?
If you do not want to be seen, then it is likely that you do not want to be caught. Cyber criminals buy and sell physical items like illegal drugs and guns, as well as electronic material like identities, passwords, hacking tools, and credit card numbers.

The problem is not only IF your credentials have been compromised, but WHAT you do next to protect yourself. Password reuse and lack of awareness of sophisticated phishing scams, like Business Email Compromise scams, means cybercriminals can use your own data against you.

What if a password has been compromised?

Once a password is found on the Dark Web, cybercriminals will try to use that password across any other accounts they can think of. If that password has been reused, not only is the employee at risk, but your organization is as well.  

What if an email address has been compromised?
Cybercriminals will use Dark Web data to create very targeted emails called Business Email Compromise (BEC) scams, where they impersonate key company executives to trick employees into carrying out their requests – often to transfer funds.

Is my own company’s data is at risk?
Password reuse and Business Email Compromise scams are just two risks associated with having data on the Dark Web. This data can be used against you and your organization in several other ways, which may lead to an internal data breach for your organization.

Make sure your employees are aware of safe practices regarding password creation, use of their business email addresses, and secure browsing.

As always, if you need assistance, we have got a dedicated team to help.