Shedding Light
 On the Dark Web

YOUNGSTOWN, Ohio — Everyone knows if a company offers something for free, it’s likely just to upsell you on other products and services.  Sometimes what they’re offering has some value, even if it is a marketing attempt. But dark web scans? Nope. Giant scam. Let’s talk about why.

The dark web is a part of the Internet that’s accessible only using specialized software. You can’t open up Firefox, Chrome or the browser of your choice and visit a site on the dark web without some extra steps.  

Most of the dark web is relatively innocuous but because of its obfuscated nature, it’s a natural home for websites dedicated to illicit activity. Among other functions, marketplaces exist for the purpose of selling or buying stolen personal and financial information such as Social Security and credit card numbers.

It sounds like a dark web scan is good idea, right? Unfortunately, it’s not so simple. 

There are so many possible website addresses on the dark web that I had to look up how to say the number because I couldn’t remember what comes after a quadrillion.  Turns out, it’s over one septillion possible addresses. And those are just the most popular extensions.

While it requires special software to access the dark web in the first place, once you’re there, it works like normal websites.  Exclusive content – the stuff that’s being bought and sold – is behind a username and a password or other security measures. Since these sites are setup for illegal activity, once they become well-known enough to attract attention, they’re abandoned and the activity migrates elsewhere.

Do dark web scans do anything? Maybe. More than likely, these scans are searching through large, well-known public databases of compromised and leaked usernames, passwords, Social Security  and credit card numbers. Results are compared with your information, which you can do for free on your own. The most popular site for doing this is HaveIBeenPwned.com. Input your email address and it will search through the same list of compromised credentials that most dark web scans use and spit out a list of from where your information may have been leaked.

Your best bet, however, is simply to assume your personal and financial information has been compromised and treat it as such. Check your credit reports regularly and freeze them if possible to prevent unauthorized accounts and credit checks from being opened in your name. Change your passwords often and use a different password for each site. Also, request to close accounts you no longer use and ask the company to verify it’s deleted your personal information.  

Treat all sites that ask for your personal information with a healthy dose of skepticism. Don’t provide information to any company unless you’re 100% sure it’s a legitimate request and (try) to work with reputable companies that respect your rights as a consumer and take precautions with your data. And finally, be wary of any company offering a free dark web scan. With a little initiative and searching, you can find the same information on your own without giving your details to yet another company.

Robert Merva is the owner and CEO of Avrem Technologies, a Canfield-based business IT and cybersecurity consulting firm he started in 2007.

Bits and Bytes is sponsored content produced by Avrem Technologies.