Barely a week goes by without another large company reporting a mass data breach. With the Covid-19 pandemic increasing the amount of time we are spending online, it’s not surprising that cybercriminals are moving quickly to take advantage of unsuspecting individuals, resulting in devastating financial and personal consequences.
Your personal data can fetch a hefty price on dark web forums. Details like tax file numbers, bank accounts and Medicare numbers are sold by cybercriminals and used to commit identity theft and fraud.
They’re not just in it for the money either. A hacker by the name of ShinyHunters, operating in a dark web forum, recently gave away 386 million records for free. They claimed that they had made enough money from selling personal details already and wanted to share the information they had with everyone.
With these kinds of criminals now freely giving away your personal information, you should ensure to take every precaution possible to protect yourself from data breaches.
What is the dark web?
The internet has three separate layers to it. There is the surface web, which is the browser that you log onto every day to carry out your normal tasks — emailing, messaging, shopping and streaming. This is the web that you use Google, Yahoo or Bing to search and is accessible by everyone.
The second layer is known as the deep web. The deep web includes the kinds of websites that you access when you are securely exchanging details. For instance, when you log onto your online banking account and are asked to provide a password, you are accessing the deep web. The deep web also includes specialised search engines, like a library’s catalogue. You cannot access the deep web via a normal Google search, the pages are not indexed nor ranked as they are securely locked and encrypted.
The third and final layer of the internet is the dark web. The dark web has a rather poor reputation, which it has in-part earned however there are plenty of innocent forums and websites to be found there as well. You might be wondering how to access the dark web. It can only be reached by downloading a specialised browser known as Tor — or The Onion Router. Your actions cannot be tracked whilst on the dark web and your identity remains secret to those around you and government organisations. This is why the dark web is often associated with criminal activity, including the sale of personal data.
Why do cybercriminals want my data?
Identity theft is a lucrative business for cybercriminals, with personal information fetching hefty prices on dark web forums. Data such as financial details, healthcare information, login credentials and government issued resources are all highly sought after for a variety of reasons.
A cybercriminal may use your tax number to file a fraudulent tax return under your name, resulting in serious personal ramifications. Financial information can be used to open new credit cards and drain your bank account. Healthcare information can be used to illegally access drugs and medication whilst login details for social media sites can grant a cybercriminal an open door into your entire personal world.
Generally the aim of these attacks is to reap financial benefit, however online criminals may also choose to extort and blackmail simply to create disruption and emotional distress in the victims.
What to do if you have been a victim of a data breach
You may know that you are a victim of a data breach — under federal law, organisations are required to tell clients should their personal information have been stolen or misused. If this is the case or if you are simply concerned about the amount of your private information you have shared online, the best option is to invest in dark web monitoring services.
Dark web monitoring means that an internet security service will alert you should your information be found on the dark web. You can choose to purchase a one-off scan or sign up for regular monitoring depending on your needs.
Once personal information is on the dark web, it is close to impossible to have it removed. Knowing it is there however means that you can take appropriate steps to help mitigate the damage.
Should your information be found on the dark web, immediately contact your financial institutions. Change your passwords and login details for all online accounts and alert any government organisations to be on the lookout for unusual activity related to your identity.
Finding your information on the dark web can be stressful, particularly given the kinds of individuals who roam these sites. Be sure to take every precaution possible to prevent this from happening but know if you are the victim of a data breach, there are steps you can take and organizations that can offer assistance to get you back on your feet again.