Do you know where your passwords are? Beyond the reach of search engines, the Dark Web is the internet equivalent of a seedy back alley. A place where no one uses their real name and illicit deals are made. And even though you’ve never been, your sensitive information may currently be living there. So how do you know if it is? You’ll have to peer into the dark.
Where Is the Dark Web?
There are three levels to the vast web of information we know as the internet:
- The Public Web: Accounting for only about 4% of the internet, this is where the general public spends most of its time – shopping, reading, and interacting via social media.
- The Deep Web: Containing 90% of all sites are the company pages, information databases, and various other purposely hidden legal sites inaccessible to the public and unindexed by search engines.
- The Dark Web: Deeper than the deep web is the last 6%. The Dark Web. A network of hidden sites where visitors use anonymity software with encrypted connections to conceal details such as their IP addresses to mask identities and locations.
Dangers of The Dark
As you can imagine, the promise of anonymity means the dark web is a haven for cybercriminal activity. Hackers and scammers regularly sell packages and maintain lists of top commodities such as credit card information and social security numbers. An email address or password is usually the first to appear as cybercriminals are always looking for easy targets. Naturally, if your email ends up on a list on the dark web, your odds of being targeted for a phishing scam skyrocket. And if it’s your password – hackers may already be circulating your most sensitive data.
So how do you keep your information from sinking to the depths of the dark web? Password protection and proactivity are key.
Create Stronger Passwords
As a general rule, your passwords should be 12-15 characters in length, not use words found in the dictionary, combine uppercase and lowercase letters, and use numbers and symbols. The best way to achieve this is to think up a personal phrase and codify it. For example, “Dad was born in 1973” becomes D@Dw@sB0rNiN1973.
Don’t Re-use Passwords
Because it’s easier, many individuals use the same password across multiple sites. This recipe for disaster allows cyber thieves who’ve compromised one account to now easily access all the rest of your accounts. Password managers like 1Password or LastPass can help by creating and storing unique and complex passwords on your behalf.
Use Two-Factor Identification
Two-factor identification adds an extra step to the log-in process, providing another layer of security. Typically, this means receiving a code you’ll need to input to access your account, often via text message. Once implemented, a username and password purchased on the dark web are no longer sufficient credentials to gain access to your data.
A patient bunch, criminals can sit on your stolen data for several months before attempting to use it. Many times, they let it circulate in an attempt to sell it. This creates enormous risk but also, opportunity on your end. If you find your stolen data on the dark web before it’s been used, you’ll have time to shield yourself from a massive breach. So, it’s imperative to utilize identity-monitoring and external-credential systems to continually monitor the exposure of your most sensitive information.
At Reynolds and Rowella, we have the expertise to assist you in doing just that and offer a free dark web scan to help shed some light on the situation. To find out more about how we can help prevent your information from floating around the depths of the internet, contact dedicated dark web expert, Jarrett Meiers today at firstname.lastname@example.org.