Dark Web Monitoring - FAQs

The surface web comprises websites indexed (or cataloged) by search engines. The dark web is a hidden layer of the internet that is inaccessible or indexed by search engines and requires specific software for access. The Dark Web is popular with criminals because they can remain anonymous and untraceable as they communicate. The dark web is a huge marketplace where hackers and thieves exchange information, goods, and services; information exposed from data breaches, hacking incidents, or leaked information can be bought and sold on the dark web as "lists" by identity thieves. Information traded on the dark web may be old or could even re-appear several months or years following exposure of your personal information. The dark web forms a small part of the deep web.

The dark web is accessible only if you download a special open-source browser software. Such software typically uses encryption technology to help users maintain their anonymity online. It does this, in part, by routing connections through servers worldwide, making them much harder to track.

You do not need to be on the dark web for your information to end up there. Information stolen or exposed in data breaches, hacking incidents, or leaked information can be bought and sold on the dark web as "lists" by identity thieves. This information may be old or reappear several months or years following exposure.

Here are some ways in which your data can be hacked and sold on the Dark Web:

• Passive digital footprint: Your IP address, the sites you visit, the browsers you use, and many more. Cybercriminals can find the data you leave online when you use the internet.
• Active digital footprint: The data you post online, including your pictures and videos, messages and blogs, interactions with your family and friends online, and online purchases that include your home address, phone numbers, etc.
• Information disclosed by other entities: Most government organizations, financial entities that send you credit reports, and data brokers gather data about you and sell your profile to companies that want to send you customized ads.

"Exposed" information does not necessarily mean that your account(s) have been hacked. You can be proactive and take several actions to help protect yourself. Change your password for the site/service mentioned in the notification. In addition, if you use the same password for numerous online accounts, make sure you change these passwords. Enable two-factor authentication whenever offered by a site or service. 

Even though you may have unsubscribed from a website or deactivated your account, your data may still be present in their systems and could be exposed during a data breach, a hacking incident, or another type of data leak.

Cybercriminals navigate the Dark web marketplaces and forums and transact illegal products and services.
Some of the data stolen can be broadly classified under:

• Personal Data: This includes your names, addresses, email addresses, and birth dates. Overall, your Identity can be stolen on the Dark web.
• Financial Data: Credit card information, usernames and passwords for your accounts, and any important financial data.
• Medical Data: Cybercriminals can also hack medical history, biometric data, test results, billing information, and other sensitive information to gain access.
• Confidential Data: This could include property information, patents, and other operational data that you need.
• Online Data: With the digital world emerging, your online accounts, if not secured, are targeted by hackers, as well as your social media accounts with all your data, paid services, etc. Always be mindful of your online accounts.
• Forged Data: Fake IDs, including passports, driver's licenses, and other important IDs, are sold on the Dark Web.

As part of our service, we scan the surface, deep, and dark web for exposure to information. When you subscribe, it defaults to monitor your email address, and we run a one-time historical dark web scan looking back to 2008 to determine if the information you provided us has been previously exposed. If we find exposed information, we will notify you. We run continuous scans and are on the lookout for exposed information. If your information has been exposed, you can be proactive and take several actions to help protect yourself.

We do not, nor are we able to, erase information from the dark web because of the highly anonymous nature of forums, communities, and black markets in which criminals operate.

With our ongoing algorithms, we notify you when we find information that may belong to you on the dark web.

Your Dark Web Monitoring Notification displays two types of exposed information. When you enroll, you provide us with information, and we monitor it actively. If we detect this information on the Dark Web, it will be displayed in the Exposed Information section of the Dark Web Monitoring Notification. If we detect other exposed information that may be related to you, we will notify you as well. Even if you did not provide the specific information to us, it is possible to use the information you have provided to help detect other information that may have been exposed; but since we have not collected this information from you, we can only notify you that it has been exposed, and not provide any other details. For example, in the case of a healthcare database breach, if you have provided your Insurance Account and Insurance Provider information for monitoring, we may also be able to notify you of additional data that may have been exposed, such as blood type, prescription medications, diagnoses, and related details. This type of information would be displayed in the Additional Exposed Information section of the Dark Web Monitoring Notification.

We do not pay for or buy personal information on the dark web, private forums, or any other means.

Any data that you provide is encrypted, and only a few selected employees who undergo training on how to handle personal information can access sensitive personal information. These employees must provide their unique credentials every time they access personal information and are subject to monitoring by our Information Security team.

Personal information is stored and managed by an advanced and encrypted database.

Since the dark web is constantly changing, no one can guarantee that they monitor 100% of it and private forums. Dark Web Monitoring goes beyond easily accessible sites and marketplaces, infiltrating private forums, the social web, the deep web, and the dark web.

There could be several reasons why you may not recognize the website mentioned in a notification. Here are a few reasons:

• The account may have been created via Facebook or Google login. Some accounts may be old, and you may not remember using the website or service.
• You may have provided login details (username/password) for one-time use, after which you may never have returned to the website or account.
• Sometimes, breached sites or services may deactivate exposed accounts, making it difficult to remember or identify an account as belonging to you.

Even if you don’t recognize the password shown in the alert, we recommend changing the password associated with the affected website or any other site where you've used the same password.

For some alerts, we ask you for a confirmation of the activity or transaction so we can determine if there might have been the possibility of an identity theft incident. For other notifications, such as Dark Web Monitoring, we notify you that information that may belong to you has been detected. These notifications do not require a confirmation from you because they result from a scan we perform on your behalf and not a result of your activity.