Fraud and identity theft are a quickly growing threat, costing U.S. consumers billions of dollars a year. One of the biggest drivers of identity theft is the dark web, where personal financial information can be sold to the highest bidder.
Once this information is purchased, cybercriminals can use it to invade your bank account, steal your earnings, wreck your credit, and rack up debt in your name.
To keep sensitive information safe, it helps to understand the three different “levels” of the web, and how you can protect your personal data.
Surface Web
Believe it or not, the huge amount of information we access daily through web browsers only represents 4% of the content on the web. The surface web contains publicly available information that can be found using search engines like Google or Yahoo. Sites may include personal or business websites, open news sources, blogs, Wikipedia, YouTube, and other video-sharing sites.
While we spend a great deal of time on the surface web, we don’t usually share any of our personal information while using it, until we move to the next level of interaction.
Deep Web
As the name suggests, the deep web is the level below the surface web and accounts for the vast majority of the internet’s content. Deep web content is not indexed by a web browser and deep web sites are not accessible using a standard web search. Instead, this information is only accessible with sign-in credentials, is locked behind a paywall, or is hidden within the dark web (more on that in a moment).
The deep web includes:
- Web-based email
- E-commerce, online banking, and social media account information
- Medical and legal records
- Fee-based content
- Confidential corporate pages
- Government databases
We interact with a lot of these sites and pages regularly. Because they’re confidential, they’re held to high standards of security to prevent unauthorized access. However, no system is perfect, and hackers have only grown more sophisticated.
If someone’s account is compromised and their financial or personal information is stolen, it may end up in the deepest level of the internet…
Dark Web
The dark web (also known as the darknet) is part of the deep web, representing roughly 6% of all internet content. Accessing the dark web requires special software and overlay networks designed to keep users and websites anonymous.
When you use the surface web or deep web with a standard web browser, you leave digital fingerprints – your activity is visible to the websites you visit and to your internet service provider. On the dark web, websites and activity are much more anonymous.
On its own, using the dark web isn’t illegal. In politically unstable or dangerous countries, people such as journalists and activists rely on the dark web to communicate anonymously for their safety.
However, the anonymity of the dark web makes it an ideal marketplace for illegal goods and services. Unfortunately, one of the most widely trafficked goods on the dark web is personal information. When someone hacks a company and steals its customer records or takes someone’s information using a phishing scam, this information could be sold to the highest bidder on the dark web.
When your information is stolen and used by identity thieves, the damage to your finances can be very serious.
Protecting Your Information & Finances
Take these five steps to keep your financial information out of the hands of identity thieves – and off the dark web.
- Protect your passwords: Use strong passwords for all your accounts and avoid using the same password or PIN across accounts. It’s also a good idea to change passwords regularly.
- Pay with a chip card or digital wallet: When you make credit or debit card purchases at the store, inserting your chip card in the payment terminal is safer than swiping the card’s magnetic stripe. Contactless purchases with your phone’s mobile wallet offer similar protection.
- Set up two-factor authentication: Add an extra layer of protection to your online accounts by setting up two-factor authentication. Logins from an unrecognized device require a confirmation code that is sent to your phone, making it harder for criminals to break into your account using your password alone.
- Secure your online activity: Never use public Wi-Fi when using your phone or computer to make purchases, access online banking, or send sensitive information. The same goes for shared computers (such as those at libraries or hotel business centers). Only access this information using your home network or cellular data plan. If you use public Wi-Fi regularly, consider adding a virtual private network (VPN) for extra security.
- Set up account alerts: Setting up text or email notifications through your bank, credit union, or credit card issuer will help you monitor your account activity, so you can spot a suspicious transaction right away.
If you want to learn more about protecting your information, talk to your financial institution today.