The Dark Web – the Place Your Personal Data Goes to Set You Up for Scammers!
Have you ever been a customer of Equifax, Adobe, Yahoo, LinkedIn, Talk Talk, Carphone Warehouse, Canva, My Fitness Pal?
They’ve all suffered major data breaches, some of them more than once! So, if you have been a user of any of these products or services, there’s a good chance the email address and associated password was compromised. Potentially, other information has been too, such as credit card details, date of birth and other personal information that can be used to scam you out of money or for identity theft – so a hacker taking out a loan in your name, for example.
That information is now for sale on the Dark Web – the encrypted network used by criminals to sell drugs, weapons, and other illegal products and services. It’s also where your data gets posted for purchase by any criminal who wants to steal your money. It’s not an exclusive deal either – many Black Hats (the name for criminal hackers) can buy your details.
One of the problems with this is it makes you significantly more likely to be targeted for a scam and it also increases your risk of falling for whatever scam they send you.
Let’s take a real example: Equifax was breached in 2017. Recently, they’ve announced they’re offering compensation to those who were affected. Black Hats have the list of people who were part of the Equifax breach and have their email addresses. They’ve been targeting those people with phishing emails, pretending to have originated from Equifax. These emails encourage victims to click the link, taking them to a website where they can claim their compensation. Only the website is a spoof: it looks like the Equifax site, only it isn’t. All they then need to do is ask for the correct bank account and sort code for them to transfer the compensation and – the Black Hats now have up to date banking information for you – as well as your email address. So, chances are, your password is still the same too….
Having your personal email breached is one thing, but how many of you - and your staff – use work email addresses for personal accounts such as My Fitness Pal? And how many of you use the same password for everything? Or reuse old passwords? Like perhaps, a password the Blacks Hats found on the Dark Web from the LinkedIn breach FOUR years ago. Now, your business email is also compromised along with all the information within your emails and your contacts’ details.
So, what can you do to protect yourself? Here’s what we recommend:
- Log on to www.haveibeenpwned.com and check ALL your email domains. If any have been pwned, change the associated passwords (to something completely new!)
- Use a password manager - you only have to remember ONE password and the password manager will do the rest for you
- Don’t use your work email for anything personal – change those now!
- Regularly check back with www.haveibeenpwned.com to see if your details have been compromised!
The ‘have I been pwned’ website will tell you if you’ve been compromised, but it’s not a Dark Web scan. A Dark Web scan will confirm your details are for sale and will show exactly what has been compromised.
Alternatively, contact Francis West on 020 3195 0555 or 07872 552 555.
Francis West, CEO
020 3195 0555