Other products

FAQ: Dark Web Monitoring Notifications

What is a Dark Web Monitoring Notification?

Dark Web Monitoring, also known as cyber monitoring, is a service that helps monitor for information on the dark web and notifies you if we detect your personal information on the dark web. Identity thieves can sell your personal information on hard-to-find dark web sites and forums.
The notification that you receive is called a Dark Web Monitoring Notification.

What is a Baseline Notification?

When you enroll, we run a one-time historical dark web scan looking back to 2008 to determine if the information you provided us has been previously exposed. If we find exposed information, we notify you. This is known as a Historical or Baseline Notification.

What information can be added post enrollment for Dark Web Monitoring?

Country

Personal Information for Monitoring

Australia and New Zealand

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

  • Addresses (up to 5)

  • Bank or investment account numbers (up to 10)

  • Driver's license number

  • Mother's maiden name

Germany

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

  • Addresses (up to 5)

  • Bank or investment account numbers (up to 10)

  • Driver's license number

  • Mother's maiden name

Japan

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

  • Addresses (up to 5)

  • Bank or investment account numbers (up to 10)

  • Driver's license number

United Kingdom

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

  • Addresses (up to 5)

  • Bank or investment account numbers (up to 10)

  • Driver's license number

  • Mother's maiden name

United States

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

  • Addresses (up to 5)

  • Bank or investment account numbers (up to 10)

  • Driver's license number

  • Mother's maiden name

  • Social security number*

  • Date of birth*

  • Name*

*Available only in selected plans.

Asia-Pacific

This includes Hong Kong, Malaysia, and Singapore.

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

Other EMEA Countries

This includes Austria, Belgium, Denmark, Ireland, Finland, France, Italy, Netherlands, Norway, Poland, Spain, Sweden, and Switzerland.

  • Email addresses (up to 5)

  • Phone numbers (up to 5)

  • Credit card numbers (up to 10)

  • Gamer tags (up to 10)

  • Insurance ID numbers (up to 5)

What information can be added post enrollment for Dark Web Monitoring?

Why am I getting notification from a breach that happened several months ago?The dark web is where stolen information, such as bank account numbers, and credit card numbers, are sold. The information sold or traded can be in the form of "lists" which can be old, and could even re-appear several months, or years following an exposure of the information. Every time the information reappears or resurfaces on the dark web, you are likely to be notified.
"Exposed" information does not necessarily mean that your account(s) have been hacked. Given that these lists may be old, it is entirely possible that your login details associated with the website/service in question are no longer current. You may have already changed a password, deactivated your account or unsubscribed from the website or service. Sometimes breached sites deactivate exposed accounts, as well, which may make it difficult to remember or identify an account as belonging to you.

Why am I getting notification from a breach that happened several months ago?

The dark web is where stolen information, such as bank account numbers, and credit card numbers, are sold. The information sold or traded can be in the form of "lists" which can be old, and could even re-appear several months, or years following an exposure of the information. Every time the information reappears or resurfaces on the dark web, you are likely to be notified.
"Exposed" information does not necessarily mean that your account(s) have been hacked. Given that these lists may be old, it is entirely possible that your login details associated with the website/service in question are no longer current. You may have already changed a password, deactivated your account or unsubscribed from the website or service. Sometimes breached sites deactivate exposed accounts, as well, which may make it difficult to remember or identify an account as belonging to you.

Why can't I respond to the Dark Web Monitoring Notification to confirm my identity?

For some alerts, we ask you for a confirmation of the activity or transaction so we can determine if there might have been the possibility of an identity theft incident.
For other notifications, such as Dark Web Monitoring, we are notifying you that information which may belong to you has been detected. These notifications do not require confirmation from you because it is a result of a scan we perform on your behalf, and not a result of your activity.

I don't recognize the website mentioned in my Dark Web Monitoring Notification. How do I know I have used this before?

There could be several reasons why you may not recognize the website mentioned in a notification. For example, the account may have been created via Facebook or Google log in. Some accounts may be old, and you may not remember having used the website or service. In some instances, you may have provided login details (username/password) for a one-time use, after which you may have never went back to the website or account again. Sometimes breached sites or services may deactivate exposed accounts which can make it difficult to remember or identify an account as belonging to you.

What is the difference between the Exposed Information and the Additional Exposed Information sections within the Dark Web Monitoring Notification?

Your Dark Web Monitoring Notification displays two types of exposed information. When you enroll you provide us information and we monitor it actively. If we detect this information on the Dark Web, it will be displayed in the Exposed Information section of the Dark Web Monitoring Notification.
If we detect other exposed information that may be related to you, we will notify you on this as well. Even if you did not provide the specific information to us, it is possible to use the information you have provided to help detect other information that may have been exposed; but since we have not collected this information from you, we can only notify you that it has been exposed, and not provide any other details. For example, in the case of a healthcare database breach, if you have provided your Insurance Account and Insurance Provider information for monitoring, we may also be able to notify you of additional data that may have been exposed, such as blood type, prescription medications, diagnoses, and related details. This type of information would be displayed in the Additional Exposed Information section of the Dark Web Monitoring Notification.

How accurate are the notifications from Dark Web Monitoring?

Using advanced technology, we uncover fresh data to provide you with useful and informative notifications.

How often are the scans of the dark web performed? How current is the data that is found?

With our ongoing algorithms, we notify you when we find information that may belong to you on the dark web.

How do I place a fraud alert on my credit file, if I'm a victim of fraud?

Applicable only for US and Canada.

If you are a victim of fraud, you can request a fraud alert to be placed on your credit file by contacting the two nationwide credit bureaus listed below (fees may apply). This warns potential credit grantors that the individual's personal identification may have been compromised and directs them to take further precautions to verify the identity of the person seeking credit. It is at the discretion of the credit grantor's authentication protocol processes as to what steps they will take. The fraud alert stays on your credit file for a period of six years and can be removed by you at any time in writing.

What should you do?

Based on what was found in your notification, use the list below for next steps. We will continue to monitor our network¹ for activity. If we detect your information, we will send another email.

Username

If you received a Dark Web Notification and it included your Username, here are some next steps to help protect yourself:
  • Consider changing your Username if you have the option. The same Username may have been exposed multiple times in the past.

  • Consider changing your passwords linked to that Username.

Password

If you received a Dark Web Notification and it included your Password, here are some next steps to help protect yourself:
  • Change your password.

  • If you use this password for other websites or app, then change it for those services too.

  • Set up two-factor authentication whenever available with a website.

Email

Emails can be used for phishing schemes that criminals use to try to get your information.
If you received a Dark Web Notification and it included your Email, here are some next steps to help protect yourself:
  • If you are using this email as a login/username, consider changing this for better protection.

  • We recommend that you never give any personal or sensitive information over email.

Date of Birth

Your Date of Birth along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Date of Birth, here are some next steps to help protect yourself:
  • Review your financial statements and watch for any transactions you don't recognize.

  • Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.

  • Shred anything that has PII, including credit card and bank statements, receipts, medical records.

  • Opt for paperless delivery whenever possible and practical.

  • Consider setting up a locked mailbox to decrease the risk of stolen mail.

Mother's Maiden Name

Your Mother's Maiden Name along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Mother's Maiden Name, here are some next steps to help protect yourself:
  • Review your financial statements and watch for any transactions you don't recognize.

  • Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.

  • Shred anything that has PII, including credit card and bank statements, receipts, medical records.

  • Opt for paperless delivery whenever possible and practical.

  • Consider setting up a locked mailbox to decrease the risk of stolen mail.

Driver's License

Your Driver's License Number along with other personal identifiable information can be used by identity thieves to commit fraudulent activities.
If you received a Dark Web Notification and it included your Driver's License, here are some next steps to help protect yourself:
  • Review your financial statements and watch for any transactions you don't recognize.

  • Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.

  • Shred anything that has PII, including credit card and bank statements, receipts, medical records.

  • Opt for paperless delivery whenever possible and practical.

  • Consider setting up a locked mailbox to decrease the risk of stolen mail.

Bank Account

If you received a Dark Web Notification and it included your Bank Account, here are some next steps to help protect yourself:
  • Review bank statements for accuracy.

  • Never disclose a debit or credit card PIN (personal identification number) in email or on the phone.

  • Be suspicious of strangers who ask for personal information by email or phone.

  • If you're asked to provide your Social Security number or other confidential information, make sure you know who wants the information and why.

  • Be wary of email attachments and "free" software.

  • Don't use part of your Social Security number as a PIN.

  • Think before you download apps, click on links or reply to emails that might be harmful or fraudulent.

  • Keep your laptop or mobile device's operating system and Internet browser up to date.

  • Don't store passwords, your Social Security or other sensitive information on your smartphone.

  • Be aware of your surroundings when you bank online and watch out for "shoulder surfers," people who hover nearby and observe your information without your knowledge.

Passport Number

Your Passport Number along with other personal identifiable information can be used by identity thieves to commit fraudulent activities.
If you received a Dark Web Notification and it included your Passport, here are some next steps to help protect yourself:
  • Contact your local passport office to file a complaint

  • Apply for a replacement passport

Name

Your Name and Address along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Name, here are some next steps to help protect yourself:
  • Review your financial statements and watch for any transactions you don't recognize.

  • Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.

  • Shred anything that has PII, including credit card and bank statements, receipts, medical records.

  • Opt for paperless delivery whenever possible and practical.

  • Consider setting up a locked mailbox to decrease the risk of stolen mail.

Address

Your Name and Address along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Address, here are some next steps to help protect yourself:
  • Review your financial statements and watch for any transactions you don't recognize.

  • Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.

  • Shred anything that has PII, including credit card and bank statements, receipts, medical records.

  • Opt for paperless delivery whenever possible and practical.

  • Consider setting up a locked mailbox to decrease the risk of stolen mail.

Phone Number

Phone numbers can be used for phishing schemes that criminals use to try to get your information to commit fraudulent activities.
If you received a Dark Web Notification and it included your Phone Number, here are some next steps to help protect yourself:
  • Never give any personal or bank information over the phone unless you are certain of the caller.

  • Member does not need to change their existing mobile number but can if they decide to. Blocking the suspicious phone numbers may be an easier process that we should recommend to the member

  • If you start receiving suspicious calls, contact your telephone service provider to see if it is possible to block calls from those numbers.

  • Register your phone number on the national Do Not Call Registry at www.DoNotCall.gov, or by calling 1-888-382-1222 (TTY: 1-866-290-4236) from the number you wish to register. If you register online, you must click on the confirmation email you receive to complete your free registration.

Insurance Information

Identity thieves can you use any of your insurance information to submit false claims which can be for, but not limited to medical, car, life, home or pet.
If you received a Dark Web Notification and it included any of your insurance information including but not limited to policy numbers, medical information, or insurance providers, here are some next steps to help protect yourself:
  • Carefully review any insurance bills and claims.

  • Be on the lookout for:

    • Medical or other insurance collection notices on your credit report that you don't recognize

    • A notice from your health plan saying you reached your benefit limit

    • A denial of insurance because of past claims or medical records for a condition you don't have

Other tips:
  • Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.

  • Shred anything that has PII, including credit card and bank statements, receipts, medical records.

  • Opt for paperless delivery whenever possible and practical.

Consider setting up a locked mailbox to decrease the risk of stolen mail.

Gamer Tag

If you received a Dark Web Notification and it included your gamer tag, here are some next steps to help protect yourself:
  • Change your password with all gaming platforms in which you use gamer tag

  • Enable two-factor authentication with the gaming platforms

  • Change your email password associated with the gamer tag

  • Use a different password and gamer tag for each gaming platform

Social Security Number

My Number
My Number and other personally identifiable information can be used by criminals who break into your account and commit fraud. If you receive a dark web notification and the notification including your "My Number", we recommend the following steps: Please contact the person's number or my number window. The person in charge may suspend the issued number. It will also tell you the additional steps you need to take.
If you lose your Individual Number Card, please report it to the police.
Keep your computer and mobile device operating system and internet browser up-to-date. Please use antivirus software.

Credit Card

If you received a Dark Web Notification and it included your Credit Card, here are some next steps to help protect yourself:
  • Contact your credit or debit card company for a replacement card and monitor your activity closely.

  • Report any suspicious activity to your financial institution immediately.

  • We recommend using the Transaction Monitoring service from LifeLock.

CVV

If you received a Dark Web Notification and it included your Credit Card CVV, here are some next steps to help protect yourself:
  • Contact your credit or debit card company for a replacement card and monitor your activity closely.

  • Report any suspicious activity to your financial institution immediately.

  • We recommend using the Transaction Monitoring service from LifeLock.

Password Combo List

If member receives a Dark Web Notification and it included your password exposed in a combo list, a collection of email addresses and passwords from breached websites, here are some next steps to help protect yourself:
  • Change the exposed password on all sites where you might have used it

  • Choose a unique strong password on all sites where you might have used it. Its recommended to not employ the same password each time

  • Review your credit reports and watch for new credit inquiry alerts or suspicious activity. Consider freezing your credit file

  • Set up two-factor authentication whenever available for website.

The exposed password included in the Dark Web Notification has been masked/hidden for security purposes. Follow the below steps to partially see the exposed password.
  • Click the link that is provided in the alert notification

  • Member will receive a 6-digit verification code to the exposed email displayed in the notification

    • If you do not receive your verification code, please check your spam or junk folders for an email coming from member.services@lifelock.com

    • As there may be a delay, please check your folders again in 5 minutes, or check back again later. If you still do not receive your code, please contact your Internet Service Provider to resolve this issue.

    • Please do not send multiple requests as it will make the condition only worse

  • Enter the 6-digit code received

    • Due to security purposes, we do not display your entire password. Once we verify that the email address listed belongs to you, your password will be partially unmasked and displayed.

    • Note that the password may not be your most recent, but one you have used in the past.

    • Members password is partially unmasked as per the rules below:

       

What happens if member does not have access to the email address to which they received the notification?
  • Unfortunately, if the member no longer has access to that email, they will be unable to verify and see the details.

  • Member can NOT change, update or enter a different email address to receive the 6-digit verification code

Member receives an error message "An Error Occurred" after entering the 6-digit code.
  • Member might have entered the 6-digit code incorrectly.

    • Have member try the 6-digit code again

  • Error still appears then the 6-digit code has expired

    • Have member request a new verification code email

No one can prevent all identity theft.

¹LifeLock does not monitor all transactions at all businesses.

²Dark Web Monitoring in Norton 360 plans defaults to monitor your email address only. Please login to the portal to review if you can add additional information for monitoring purposes.

§For NortonLifeLock offerings provided to you by a Service Provider or through channels outside the United States, the LifeLock identity theft protection services and coverage, plan feature names and functionality might differ from the services offered directly by NortonLifeLock. Please contact your Service Provider for details on their NortonLifeLock plan offerings.

The solution made it easy for me to handle my issue.

Yes No

Help us improve this solution.

Thank you for helping to improve this experience.

What would you like to do now?

Browse for solutions, search the Norton Community, or Contact Us.

DOCID: v133398194
Operating System: Windows, Mac OS X, Android, iOS
Last modified: 11/27/2021