What is a dark web alert, and how does it work? (2024)

What is a dark web alert?

A dark web alert is a cybersecurity warning you may receive if your sensitive information is discovered on one of the many sites on the dark web. But before we explain how the alert works and what it means, you should know what it’s supposed to warn you about.

The dark web is a part of the internet that you can’t access with regular browsers or popular search engines – in other words, you can’t just Google a site on the dark web. If you want to access it, you’ll need a specialized tool, such as the Tor browser.

Websites hidden on the dark web are encrypted, and for a good reason. The dark web is often host to criminal activity. Dark web online marketplaces are a go-to for hackers and criminals who want to buy and sell, for example, stolen information. This information can include:

• Names.
• Home addresses.
• Phone numbers.
• Email addresses.
• Login credentials for online services.
• Social Security numbers.
• Credit card numbers.
• And other personally identifiable information (PII).

If you’re curious about what other types of data can be found on the dark web and how much it costs on average, see our dark web case study, in which we investigated some dark web marketplaces and their contents.

Where does the stolen data come from?

Sensitive data that appears on the dark web most often comes from data breaches, malware attacks, or other fraudulent activities (such as phishing email scams). Most of us have multiple online accounts, and the companies managing those accounts are targeted by hackers all the time. If a data breach occurs at a company you have an account with, identity thieves can get their hands on your personal information and sell it.

A dark web alert is a way for you to be notified if your personal information appears on a dark web marketplace. It acts as a heads up and allows you to take action to protect your identity.

How does a dark web alert work?

Dark web monitoring services involve scanning hundreds of websites for users’ personal information. This automated process would be impossible to do manually, even if you gained access to the dark web.

Once you input your information (for example, your email address), the dark web monitor knows what to look for. Then, it performs a scan in the background every day for as long as you use the service. It’s not distracting or resource intensive. The monitor scans hundreds of pages on the dark web, and if it finds something, it sends a notification warning you that your data may be in the wrong hands.

Should you be concerned if you get a dark web alert?

If you receive a dark web alert, fortunately, it doesn’t mean that someone has already used your data. It just means that it has been found on the dark web, which means that it can be obtained from there.

However, if you receive an alert, it still means that you have been a victim of data theft. Your data is no longer under your control – it’s available on some shady online marketplace. It can be purchased and used by criminals to create fraudulent accounts in your name, hack into your existing accounts, or steal money from you or your close ones by means of phishing.

What should you do if you get a dark web alert?

Receiving a dark web alert should encourage you to take immediate action and do everything you can to ensure you have the best possible identity theft protection. Here’s what we recommend:

1. Change your passwords

Change all passwords associated with the data found on the dark web. If you use the same password on multiple accounts, change them all. You should create a strong password for each online account and make it unique so that if criminals somehow get it, they can’t use it as a “one key for all” solution. If you have difficulty remembering all those unique passwords, store them in a secure password manager.

2. Check for unusual activity

If you receive a dark web alert, pay close attention to your accounts, especially bank and other financial-related accounts. Try checking if no one uses your identity by examining credit reports and bank statements. Signs of criminal activity in your accounts may be minor and easy to overlook. If you notice any suspicious activity, talk to the police immediately, freeze your bank accounts, and change your passwords.

3. Enable multi-factor authentication

If possible, enable multi-factor authentication (MFA) to protect your accounts from thieves. MFA requires you to log in to services using your password and one or more additional verification methods. For example, two-factor authentication (2FA) may require a password and a one-time code sent in a text message to log in.

4. Contact your bank and/or credit card issuer

If the information found on the dark web includes credit card numbers or other financial data, the safest thing to do is to contact the relevant organizations and inform them of the situation. The employees will know what to do. They will most likely freeze your cards and accounts to prevent unauthorized activity.

5. Secure your Social Security number

If you are a US citizen, contact the Federal Trade Commission to report a stolen Social Security number. It’s best to do this even if you’re unsure if your SSN is already in the wrong hands. If it is, you won’t know about it until something bad happens, so securing it as soon as possible is better.

You can file a report online at SSA.gov.

If you are not from the US, contact your bank and local police department to secure leaked identification numbers applicable to your country.

6. Report a passport theft

If you have a passport and its data is also on the dark web, contact the Bureau of Foreign Affairs and report that it has been stolen. You can easily do this by visiting travel.state.gov. Here, you can apply for a new passport if you wish to do so.

As a non-US citizen, report your stolen passport to the appropriate authority. You can usually file a report online at the appropriate government website.

Other security alerts

Dark web alert is just one of many security alerts you may receive. Here are other examples of alerts against various online threats:

• Malicious website alerts. Services like Threat Protection Pro can notify you if you unknowingly try to access potentially malicious websites. This can happen, for example, if you click a link attached to a phishing email.
• Credit monitoring alerts. These alerts notify you of suspicious activity on your credit reports. They work in real time and can help you act quickly if someone has stolen your identity.
• Bank account alerts. These alerts notify you of activities on your bank accounts. For example, you can set them up so that you are notified of debit card transactions that exceed a certain amount or if your debit card is used to withdraw money at an ATM.
• Identity theft alerts. Services that offer identity theft alerts monitor your credit activity and may notify you, for example, that a new account has been opened in your name.
• Court record alerts. These inform you of court cases that match your personal information. For example, they may notify you if a criminal has used your information to hide their real identity during arrest.