Threat Intelligence

Are dark web monitoring services worth it?

Dan Virgillito
September 4, 2019 by
Dan Virgillito

Introduction

Chances are that you’ve seen ads for services offering dark web monitoring in the past few months. They promise to explore the dark web for your personal information to see if a hacker has listed it for sale. Since we live in a world where our private data is a key target for cybercriminals, it makes sense to build a safety net through proactive monitoring, right?

Well, it’s a sort of catch-22 situation. While it seems like a great idea to protect your identity in this way, you could end up paying for nothing if you make a decision without doing any research. So is a dark web monitoring service worth your investment? We’ll take a deeper look to find out. 


What is the dark web?

The dark web is an assortment of hidden websites that can only be accessed through specific software. Its name is often mentioned alongside the deep web, which is basically the part of the internet that is not indexed by search engines (like internal company databases and private websites). The dark web makes up a tiny portion of the deep web, and it’s where cybercriminals sell, publish or save the personal data of their victims.

The sites present on the dark web are typically hosted on anonymous servers. To access their webpages, you need to use an anonymous browser like Tor. When it comes to data, you can find anything from passports to credit card details being traded on the dark web. Buyers can also purchase what’s called a “Fullz,” essentially a bundle that includes the victim’s Social Security Number, date of birth, complete name, bank account number and a collection of other sensitive data for $20-$30 a pop.

But how do cybercriminals gain access to your personal information? Well, there are plenty of techniques available at their disposal. Tactics such as skimming, phishing and good old-fashioned eavesdropping can result in your info ending up on the dark web. Bigger hacking groups can even execute a large breach to steal the data of millions. Once they gain access to your information, adversaries will often resell it on the dark web.

How does dark web monitoring work?

Dark web monitoring services, like the one offered by Experian, usually involve web crawlers and scrapers that monitor P2P networks, websites and chat rooms where stolen information is being sold and advertised. Once they discover a match, they notify the company or account owner that their data has been compromised.

But here’s what service providers don’t tell you: Most of the stolen credentials they report on have already been abused, used and resold multiple times. It’s already too late for the user to do much about it. The only way to stop information from being illicitly used is to catch the hack or breach as soon as it happens, and no dark web monitoring tool claims to have this capability.

Moreover, some of these services aren’t scanning the whole dark web for your information. That’s just impossible to do because this part of the internet contains many potential website addresses. In many cases, the companies are just gathering the data dumps that are publicly available on the dark web. These are big databases of personally identifiable information stolen from individuals and published online.

So rather than exploring the deepest corners of dark web, the services are just searching through publicly disclosed information pertaining to stolen accounts and leaked passwords. Some of this information can be freely accessed through Have I Been Pwned and similar resources.

What are the alternatives?

If you think that dark web monitoring services aren’t right for you, there are other steps you can take to protect yourself against information theft. Below are some of the measures you can immediately implement.

  1. Create stronger passwords: Replace any weak passwords with new ones, especially for your most crucial accounts. A password generator can help create longer, more complex passwords. Also, make it a habit to change your passwords every 2-3 months
  2. Monitor your accounts: Check your bank, credit card and other financial statements every two weeks or so. If any information looks off, contact the financial institution that holds the account
  3. Get a copy of your credit report: Once you receive the report, look for signs of potential fraud, like a change of home address that you didn’t authorize, bank accounts or credit cards you never applied, or negative points, such as late payments, that are incorrect
  4. Freeze your credit report: If you’re worried that someone may abuse your Social Security Number, consider freezing your credit reports. You can do this as well as unfreeze reports free of charge. By freezing it for now, you’re preventing adversaries from opening credit in your name. Any financial institution or bank won’t be able to take your credit until you share a PIN or unfreeze it
  5. Use free resources: Besides all of the previous steps, you can educate yourself on the type of information that is usually targeted and what can be done in case you become a victim. Services like Breach Clarity (launched by The Identity Theft Resource Center) can help you identify the type of private data exposed in a breach and what steps you can take to deal with it

Conclusion

Dark web monitoring services will inform you when your personal information or accounts are discovered on the dark web. However, your best recourse is to implement the tactics that don’t require any payment on your part. We recommend that you assume your data is already being traded on the dark web and take action accordingly.

But if you must use dark web monitoring (such as because your boss or manager wants you to), use your better judgment to decide whether or not to purchase a certain service. You may discover that the additional services offered by a provider, like those offered by LifeLock, are well worth the cost by themselves and that dark web monitoring is an additional bonus. Regardless of the route you take, it’s always a good idea to take care of your personal information.

Hands-on threat intel training

Hands-on threat intel training

Learn how to collect, analyze and act on cyber threat intelligence with expert instruction and hands-on exercises in Infosec Skills.

 

Sources

  1. What is the dark web? How to access it and what you'll find, CSO
  2. $365,000 dark net phishing scam leads to guilty plea from U.S. hacker, CyberScoop
  3. Column: Credit agency Experian says it can protect you from the ‘dark Web’ — sort of, Los Angeles Times
  4. Freezing your credit is now free, CNBC
Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.