Data breaches are a fact of life these days-on a regular basis, companies everywhere are found having to notify users that their accounts have been compromised.
Usually it's only an email address that's let slip, but sometimes it's a whole lot more.
The dark web is a place where data is all the more important-it is essentially a warehouse for stolen information obtained in data breaches.
New research from data security and intelligence firm Terbium Labs puts this fact into perspective.
The report analyzes the top indicators of a darknet-related data breach, pointing to the signs users should look for if they suspect their security has been breached.
In summary, the biggest warning signs are as follows:
1. Database dumps
Who hasn't been hacked these days? There are plenty of stolen accounts available in database dumps from all over the internet, from healthcare organizations and financial institutions, to dating websites and online forums.
Even if a database dump hasn't been made available to the general public (often as a result of a business not paying a ransom), you may be able to find database dumps for sale on the dark web.
2. Doxing
Doxing is when an individual is targeted online by others trying to find as much personal and identifying information as possible.
Many times, the objective of this online sleuthing is to uncover as much "dirt" as possible, or to find out the target's actual location. It is generally conducted with malicious intent.
3. Fraudulent IDs
Fake IDs, get your fake IDs! Yes, the dark web is home to fine purveyors of all sorts of fake IDs such as driver's licenses, social security details and passports.
It's generally not a whole new identity though-it's often someone else's details being used unknowingly.
4. Fraudulent payment cards
Credit card and debit card fraud is on the rise due to skimming, carding and other techniques.
This means these details can be sold on the dark web (or even gathered through payment systems) and then used until the owner of the account notices or the bank calls to report suspicious activity.
5. Fraudulent tax returns
Believe it or not, there's a flourishing market on the dark web for people fraudulently putting in other people's tax returns returns early-before they get a chance to!
6. How-to guides for opening new fraudulent accounts
Once a criminal has the right personal details for someone, and perhaps even ID, this allows them to be able to create and open other accounts in their names - such as loans, rental agreements, or credit cards.
There are plenty of guides available on the dark web that fraudsters can follow to do just this,
7. Bumbling dark web searching
The first time that you jump on the dark web you really have no idea what you're doing or how to find anything. This can be a recipe for disaster.
If you're trying to find a good marketplace, you might wind up on a dummy site and lose all your Bitcoin funds. You might accidentally stumble on something really illegal and wonder if the feds will show up at your door.
8. Employees using the dark web
These next three points are business-specific.
If you have a company and your employees are jumping on the dark web, then get discovered for illegal activities, you better really hope they weren't doing it while they were at work.
If the employee is a high-ranked member of your company, it's possible any news will give out your company name. Be proactive in teaching your employees about data security and online privacy.
9. Insider information about company systems
Whether you like it or not, you probably have a disgruntled worker or ex-worker or two around.
If these people feel so inclined, they're able to sell details about how to access your systems to the highest bidder on the dark web. This has happened before.
To avoid it, you'll need layers and layers of security that are well-tested.
10. Source code dumps
Another favorite activity of disgruntled ex-programmers, or successful hackers looking to make some good money or prove a point, is dumping proprietary source code on the dark web.
This type of information can be worth even millions of dollars. Make sure that access limits are in place for employees, and again, layers and layers of security.
-----------
It's important that we all remain vigilant in data security, both individually, as well as at work, and especially if you own a business yourself. There are plenty of resources available that will help you to bump up your data security while you're online.
