By Brad Thornton May 4, 2021
Summary: Not sure exactly what the dark web is? It’s basically the underbelly of the internet. It’s buried, untraceable, and often dangerous. But a lot of private data can end up there. We’ll explain what the dark web is, how to know if your information is on it, and what you can do if it is. Plus, we’ll discuss the best internet security safeguards to prevent criminals from accessing your accounts.
If you’ve been on the internet lately, you’ve likely heard of the dark web. It became more well-known in 2013 when the FBI shut down the Silk Road, the first online black market. Now, the dark web is typically referred to in passing as a nefarious corner of the internet and advice usually ends at “avoid it.” But what actually is the dark web? And what can you do if you find out your personal data is there?
There are layers to the internet. First, there’s the top layer called indexed pages. These are things like the results from a Google search, and it’s the most-accessible surface layer of the internet. Drill down more, and there’s the deep web. The deep web contains non-indexed pages — ones requiring a login to view. This can be anything from company intranets to online bank accounts to library databases. Underneath the deep web is the dark web. The dark web also has non-indexed pages, but it usually involves illegal niches such as selling information like personal data.
The dark web doesn’t make up the majority of the internet, but it is an active corner. However, you probably don’t need to worry about accidentally stumbling into it.
While you have to enter login credentials to access the deep web, the dark web requires more work such as a specific type of browser. Plus, the pages aren’t indexed, meaning they can’t be reached from a Google search. When you hear about data being stolen through security breaches, hackers typically go to the dark web to sell the information they took. This can be anything from login credentials to social security numbers to credit card information.
You don’t want your personal information to be found on the dark web. But, because of how enmeshed the internet is in our lives, it can be more a matter of when it ends up there — not if. Before you can do anything to fix the problem, you need to know if your data is on the dark web.
And the best way to find out is to sign up for a security and dark-web monitoring service. Most financial institutions also offer alert options.
I’d recommend looking at a service like EarthLink’s Protect and Protect+ powered by Norton LifeLock because it tells you exactly what was found and gives you recommendations on next steps. You can input your email addresses, phone numbers, and home addresses to scan for hits on that information.
It will also help you address any problems that arise as a result of being hacked such as removing hard inquiries from credit reports. These are important steps to recovering data, but it can be difficult for most consumers to navigate alone.
So, you found out your information is out there. What do you do about it? First, update your password.
If you’re using the same password for other accounts, change those, too (but change them all to different passphrases). If possible, change the associated email or username for that account. Having unique usernames, just like unique passwords, is a good practice.
If an account you no longer use has been hacked, see if you can deactivate it. If that’s not possible, remove any personal information from your profile, including payment information. If banking information has been leaked, place a hold or freeze on the compromised account.
Of course, some internet breaches are more worrisome than others. If your old Myspace account was hacked, there’s likely not much relevant information on there anymore — bear in mind your birthdate might be part of that, and it is a common security data point. But when large banking breaches happen, it’s important to take immediate action.
Unfortunately, the bulk of securing personal data falls on the consumer.
The importance of unique, complex passwords really can’t be overstated.
If creating — or remembering! — hard-to-hack passwords is overwhelming, opt for a password manager. Again, NortonLifeLock can generate passwords or keep existing passwords in a secure vault, and can even generate passwords for existing accounts. Norton requires a unique and secure password for the vault itself, which is not stored nor can it be overridden. Needless to say, make sure that password or phrase is kept in a very safe place.
The most secure password combination uses a minimum of 11 characters and includes upper- and lowercase, alphanumeric, and special characters. That password type takes three or more decades to break, so hackers will move on to easier targets.
In addition to password safety, there are a number of convenient high-speed internet features that should actually be avoided because they’re not that secure. This includes:
Beyond creating secure accounts, you can also choose an internet service provider who won’t sell your information, an email provider who keeps your messages secure (hint: free services like Gmail are convenient, but not always secure), and install a virtual private network, which encrypts all of your online information, making it harder for hackers to access.
EarthLink will never sell your information, and we encourage all of our customers to sign up for EarthLink Protect or Protect+. We’ve partnered with Norton to create the most comprehensive protection against the dark web. And if it happens to you, we’ll help make it right. Ready to get started?
See all posts from Brad Thornton.