ID Theft

Get informed on dark web monitoring and identity theft.

September 29, 2022

You may have heard people mention the dark web on the news or in a film but most of us will never go there in real life.

Think of the internet that we know and use as a city with streets, lanes, buildings and lots of traffic. We’ve all walked down those footpaths or visited those buildings. If the internet is the city, the dark web is a bit like the sewers that run underneath it.

You know it’s there, but you can’t see it and you’ve no real reason to visit. It may be accessible, but it takes a bit of effort. Plus, there’s always the risk that you’d see some pretty unsavoury things if you went there.

The ‘dark web’ is often associated with identity theft, bitcoin scams, drug dealing, phishing scams or even contract killings. That’s because it’s synonymous with illegal activity. It may have a scary reputation but knowing what it is can help to demystify this infamous place. 

Before we talk about dark web monitoring, let’s look at the dark web itself. 

What is the dark web? 

In simple terms, the dark web is a section of the internet where any identifying information is encrypted to keep users, activities and sites fully anonymous.

What we commonly think of as the internet is actually the surface web, the part of the internet that’s publicly  visible. That means it can be accessed via Google, DuckDuckGo, Bing or other search engines. Or you can enter an  IP address and go straight to the site that you want.The surface web has almost 50 billion pages... but that’s just  the tip of the iceberg.

The part of the internet that we can’t see is called the deep web. It’s not indexed by search engines, so you won’t find it on Google. This holds paywalled content, online bank accounts, private social media accounts, subscription services or any other online content that needs to stay hidden.

The dark web is a small corner of the deep web. It’s built on darknets, anonymous networks that can’t be accessed without special software or certain browsers, like a Tor browser (The Onion Router). Internet Protocol (IP) addresses on the dark web are hidden and it’s not indexed. 

When most of us go online, we’ll connect using a phone or device that has a unique IP address. This is like an online fingerprint that allows us to be identified unless you use a VPN to mask your IP address. Everything in the dark web is encrypted so its users and their locations remain secret. That’s why cybercriminals love it.

How can the dark web be accessed?

To enter the dark web, a Tor browser or similar tool is needed that allows to use the Tor network. This wraps your searches or messages in layers of encryption, which is why it’s called The Onion Router.

Once the dark web is accessed, there are dark web search engines that can be used, like DuckDuckGo’s engine, Torch or Recon. A dark web browser is needed to visit specific dark websites.

These dark websites often have addresses made up of random letters and numbers – this isn’t a place that cares about visitor numbers, traffic or a good user experience.

Dark websites can also come loaded with nasty malware so it’s not somewhere to go without adequate  protection.

Why do people use the dark web?

Some people use the dark web for privacy or to keep their anonymity. They may not necessarily be breaking the law. Whistle-blowers may use it to report information without being named and other users may live in a country with extreme censorship.

However, an overwhelming amount of dark web use involves illegal activities. The UK police took down a major international drugs operation in 2021 that was using the dark web to supply illegal drugs. It’s often associated with drugs and pornography, but it’s also been used to hire hitmen, sell weapons or plot terrorist attacks.

For cybercriminals, it’s a marketplace where they can buy or sell everything from software exploits to people’s identities. Or they can meet like-minded people to share tips and insights on different types of cybercrime.  

There have been lots of high-profile data breaches in the UK in recent years and people’s personal information often ends up on sale to the highest bidder on the dark web. Fake passports and fake credit cards are lucrative earners for identity thieves.

Spear phishing and phishing scams are another way that cybercriminals obtain sensitive personal information. This includes usernames, passwords, personal information or even credit card numbers. 

“Once a criminal organisation gets a hold of your name, social security number, date of birth, health insurance info, and more—it will likely sell every bit of it on the dark web,” according to the U.S. Federal Bureau of Investigation (FBI). “Once that happens, the buyer can open credit card or bank accounts, apply for loans, or commit any number of crimes in your name.”

You may not know that anything has happened if you don’t check your credit score. If someone’s identity has been stolen, cybercriminals could use the victim’s name to open accounts or run up debts without their knowledge.

You’ve probably heard about ransomware, which was recently described as the ‘most significant cyber threat facing the UK’ in the National Cyber Security Strategy 2022. Cybercriminals can take over and encrypt an organisation’s network or an individual’s machine. They’ll then demand a ransom for it to be unlocked.

High-profile ransomware victims include Hackney Council and Manchester United Football Club. It was once limited to skilled hackers, but recent years have seen the rise of ransomware-as-a-service. This is where malware developers rent or sell ransomware to cybercriminals who lack the technical know-how to develop it themselves.

The dark web is a popular marketplace for this type of activity. Criminals have also leaked information from these ransomware attacks onto the dark web to embarrass companies into paying up... or risk further humiliation and reputational damage. That can include customer information.

The forums where these illegal activities take place can be surprisingly sophisticated. Forums can be used to conduct illegal deals, share knowledge or hold anonymous conversations. 

Unsurprisingly, scams are not uncommon in the dark web. Certain sites or forums can be invite-only, require an  introduction, ask for proof that you’ve committed a crime, or an entry fee.

Some marketplaces on the dark web even have ratings or reputation points for users. There may be no such thing as honour among thieves, but it turns out there are peer reviews. 

Policing the dark web

While it can be difficult to police a place where everyone is anonymous, law enforcement agencies have been making some inroads into the dark web. There has been some success at targeting criminal activity on the dark web and infiltrating some of the biggest dark web sites.

Operation Dark HunTOR saw the UK cooperate with agencies in Germany, Australia, Bulgaria, France, Germany,  Italy, the Netherlands, Switzerland and the United States. Arrests were finally made in 2021.

One of the most notorious sites was Silk Road, a black-market website that was used to sell everything from illegal drugs to weapons. It was believed to have taken in $1billion dollars in sales. An FBI cyber taskforce eventually took down the site’s founder, Ross Ulbricht, who had been getting a cut of each transaction on the site.

Recently a newer site called Hydra Market was shut down by the German authorities, while the FBI previously infiltrated sites like AlphaBay and Hansa that sprung up following the demise of Silk Road. A common theme on these sites was the availability of forged identification, drugs, illegal goods, digital tools like malware, and personal information that could be used to commit identity theft.

While police are working to crack down on dark web operations, they may be limited in what they can do in individual cases. If your information is being sold on the dark web, it is unlikely that the situation will be resolved by your local police.

Dark web monitoring

If you’re worried that your sensitive data has been compromised and ended up on the dark web, there are steps you can take. Maybe one of your service providers suffered a data breach and your account was affected. Or you may have fallen victim to a phishing scam and belatedly realised your mistake.

The good news is you don’t need to venture down into the sewers of the dark web yourself. Most of the Norton 360 plans as well as the Norton Identity Advisor Plus plan offer Dark Web Monitoring that can scan the dark web for your information. You’ll be notified if your email address, physical address, phone numbers, bank account numbers, credit card numbers, driver’s licence number or your mother’s maiden name is found.

What good is that you might ask? It may seem too late to do anything once your information is already on the dark web but knowing there’s a problem is the first step to solving it.  

For instance, if you know that your email address has been leaked, you can change your password. You can use a  complex password and set up two-step authentication for added peace of mind. If your credit card has been  compromised, you can get it cancelled before any damage can be done.

You can also carry out a credit score check. This lets you see if your information has been used by cybercriminals  to set up any lines of credit or fake accounts. It can also tell you if any fraud has been committed in your name.

How to keep your information off the dark web

One of the worst things about having your information on the dark web is that it’s populated by cybercriminals who know exactly what to do with it. Here are some common scams that could cause your information to end up there and some simple tips on how to protect yourself. 

Phishing attacks

A typical phishing scam will involve cybercriminals sending you a message or email that looks like it’s from a provider or bank. They’ll tell you that you’ve been hacked, or some other urgent action is needed. A link will lead you to a fake login screen that looks authentic but records any credentials you enter. Now they have your details.

Other phishing scams can be more sophisticated or target a specific individual or organisation. With spear phishing scams, they may already have some personal information that they use to gain your trust and extract even more information from you. They can even pretend to be someone you know at work, like your boss or a superior.

Some phishing scams simply want you to click on a link or download a file that will infect your device with malware. This can then steal your logins or extract personal data that can be used to steal your identity. 

How to protect yourself against phishing:

These types of social engineering scams typically appear to be from trusted sources, often warn of an urgent problem, and try to get you to take immediate action. They target your emotions or fears to get you to do what they want.

Take a moment. Think before you act. Does the email contain unusual grammar or spelling? What address did it come from? If in doubt, contact your provider directly to check if it’s legitimate.


There are all different sorts of malicious software attacks. Hackers can target you over an unsecured, public Wi-Fi network. They can infect pop-up links or dodgy websites with malware that’s downloaded when you click on it. Or they can exploit a back door in your device if you haven’t updated its software.

The likes of spyware or Trojans can give them access to your device and your personal details – think how much  valuable information is contained in your phone. That means your sensitive information could easily end up on the dark web if you aren’t careful.

How to help protect yourself against malware:

Reliable antivirus software is one of your best protections against malware. Always run software updates on your devices as soon as they come out. These updates patch vulnerabilities that could be exploited by cybercriminals. Never download suspicious attachments or files unless they come from a trusted source and scan any files with antivirus software before you download them. 

Practice good password hygiene

Protecting yourself when you’re online starts with good passwords. Having a weak password can leave the back door to your online account open. Online accounts often contain your name, address, credit card details or your  date of birth. This can then leave you open to identity theft.

If a cybercriminal has your email address or username, they can use brute force attacks to unlock your account. The simpler the password, the easier it is to crack.

Data breaches are also becoming more common. Data from breaches often ends up on the dark web, where it canbe bought or accessed by some unsavoury characters. If one of your accounts was breached and you’ve reused your password on other accounts, the others can fall like dominos.

How to help protect yourself:

Make sure passwords don’t include family names or real words that cybercriminals could guess. It should be eight characters at the very least – use uppercase and lowercase letters, numbers and special characters.

Never share your passwords and never re-use your passwords. A password manager is one way to usestrong passwords for all your accounts if you don’t have a photographic memory! Two-factor authentication is also a great way to help protect your accounts, even if a hacker gets your login details.

Identity theft

This can happen when someone gets access to your personal data or credit card information. Your name, address and date of birth could be all it takes for cybercriminals to steal your identity.

Some scams use the promise of free stuff or great deals to get you to enter your credit card details or personal information on fake websites.

How to avoid identity theft:

Be careful what information you share on social media accounts. Is your date of birth visible to the public on your social media accounts?

Be wary of social media scams where cybercriminals can clone or hack accounts of your friends or well-known personalities in order to extract information from you. It’s easy to be fooled by some of these accounts, so be careful if a ‘friend’ starts asking unusual questions. As for the free offer scams, if something looks too good to be true, it usually is.

Find out if your identity is on the dark web

The dark web may seem scary, but it doesn’t have to be. With Dark Web Monitoring from Norton, advanced technology delves into the dark web on your behalf, to find out if your data is there.

It goes beyond easily accessible sites and marketplaces by trawling private forums, social webs, deep web and dark web to tell you if your information is there. The good news is you’ll get recommendations on what to do next if it does find anything, so you can take action.  

Learn more.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.