Your personal details & passwords might be up for grabs on the Dark Web… but what is it?
There are three different levels to the internet – known as the ‘Public Web’, forming only around a very tiny 4% of the internet; is the platform that we all use each and everyday and it is formed of services like websites and social media platforms. The ‘Deep Web’, which represents the largest part of the internet at around 93%, consists of private servers & systems, such as cloud services and CRM databases. Which leaves a small corner of the internet at around 3% of the internet, which is typically for illegal activity and is not as easily accessed. Named the ‘Dark Web’, untraceable and sealed away from normal internet users, it is a prime location for the conduct of business between criminals of all kinds.
How do my credentials get there and why?
If a hacker has been able to gain access to a list of user login details from a particular platform or service, your details might well be on that list. These private details will have value to other criminals, so therefore are shared and sold with other parties within the Dark Web.
This malicious community want access to your details to penetrate into your business and personal life. They can easily mimic your actions and, through a number of different routes, look to defraud you and indirectly those they identify you are connected with.
Should I be worried?
If your login credentials, email addresses and passwords have been listed on the Dark Web, they will likely be exposed to anyone & everyone that wants them….
And, worse; if you have the habit of using the same password, email address and login ID across lots of different platforms you access, such as your online banking, social media, email accounts and private file storage; you are hugely vulnerable to cyber-attack and a potential subject of being defrauded across your entire internet presence.
With access to all of your cloud services, it is incredibly likely your identity will be stolen and used as a platform to try to conduct further fraudulent activity by targeting those you are connected with via social media and email.
But, what can I do?
There are tools available that can firstly scan the Dark Web and critically identify whether you are at risk. Such services then maintain your peace of mind with monitoring & alerting, by constantly looking up the dark web for your personal credentials, such as; email address, or other associated usernames or IDs, and will then raise an alert to you if anything concerning has been identified.
If your details have been located on the dark web; you benefit from being immediately made aware of your vulnerability and can critically take action by securing access to all of your impacted accounts.
How can I avoid becoming a target?
It is almost impossible to prevent yourself from becoming a victim; an sad reality we must all accept is that at some time, our personal data will be stolen or exposed from somewhere. This could be for a number of reasons, such as; your own lack of cyber security, falling victim to a phishing attack, or, a mistake or security flaw by a third party holding your information.
HOWEVER! What’s more far more vital is the fact you can become aware swiftly when you’re at risk. Having a process that includes the implementation of best security practices, such as the setting of secure passwords, ensuring that you regularly change those passwords, differ the passwords & login details across different systems, and lastly, implement cyber security features such as 2-Factor / Multi-Factor Authentication (2FA/MFA), will help you mitigate the risks of exposure.
By enforcing cyber security features, such as 2FA or MFA, you are able to add another key hurdle to the steps hackers have to take to try and get to your data. Should someone else try to access a system that you use, you’ll receive notification by text message, phone call, or email, to your device to authorise that login; therefore helping cyber criminals fail to gain access to your data.
Want to get the best of cyber security for your business?
At iTeam, we take a security first approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might actually be and identify actions to take.
To book a consultation or to arrange a further discussion, please get in touch via our form below, call 03330 507 690 or email Chris on firstname.lastname@example.org.