The dark web sounds as frightening as a scary movie, but unfortunately it's a worrisome reality. The activity that occurs there could hurt your finances or, worse, your identity. It's good to be cautious because that means you are ready to learn how to protect yourself.
Take some time to find out about safe practices while surfing online.
Historically, the dark web was designed as a network for professionals like government officials and journalists to collaboratively work on confidential projects and exchange exclusive information. Now, the dark web is where predators, criminals, and identity thieves often lurk.
The dark web has earned its name because it hides tracking information like IP addresses and URLs, allowing all activity there to happen essentially in the dark. It's a hidden area of the internet where stolen social security numbers can be traded or sold for the purpose of identity theft and fraud.
Dark websites cannot be found by using traditional search engines or visited by using traditional browsers. Dark website URLs use router software that prevents search engines and crawlers from indexing their links. This software also prevents tracking— all of which makes the dark web a perfect place for illegal activity. The websites are typically used to provide anonymity for criminals and dissidents, contraband for sale, and access to taboo information.
Financial institutions, including CFNA, and their partners often search the dark web for this information to see if their institutions or customers have been compromised.
How does personal information get on the dark web?
If you've never ventured onto the dark web, your information shouldn't be there, right? Unfortunately, it's not that simple. Even when you are innocently researching, playing, and conducting business on the public web, criminals are lurking. They use forms, free websites, and data breach opportunities to steal your personal information and sell it on the dark web.
Once personal info is on the dark web, how can it be misused?
The dark web is used as a marketplace to sell sensitive information such as birth dates, social security and bank account numbers, medical information, and even addresses. This personal information can then be used to gain access to your financial accounts or, worse, as a way to take on your identity for illegitimate purposes.
How can you prevent information from getting on the dark web?
Technology does not offer a sure-fire way to shelter your data from the dark web. But there are proactive measures you can take to prevent financial consequences or identity theft:
- Don't enter sensitive information on public computers.
- Keep passwords safe (don't write them down), and change them often.
- Never email sensitive information such as social security numbers, credit card numbers or bank accounts, and driver's license information.
- Stay away from unsecure sites such as those without a secure socket layer (SSL) — especially if the site sells products and services, or asks for financial information. You can check if a website uses an SSL Certificate by looking at the URL of the website. If it begins with "https" instead of "http" it means the site is secured using an SSL Certificate (the "s" stands for secure).
- Use gift cards or other secure payment methods not attached to your bank account.
- Do not reply to unsolicited email messages.
- Ensure you know all recipients when replying to or sending an email message.
- Use computing and browsing devices that have current anti-malware and firewall protection.
- Refrain from publishing personal information on social networks.
What should you do when you get a notification telling you some of your personal information was found on the dark web?
Protect yourself by assuming your personal information is always vulnerable even if you have never experienced identity theft or a financial breach:
- Take a few moments every quarter to review your credit reports and financial information.
- Place a freeze on your credit file which will block credit inquiries until the freeze is removed.
- Stay on track with purchase and credit line notifications so you can report suspicious activity as soon as possible.
- Reach out to the credit bureaus—many offer products to help you monitor activity.
- Change passwords and security questions on all devices and accounts frequently.
- Learn more about identity theft, scams, and ways to protect yourself.
Report Suspect Fraud
CFNA is continually monitoring online threats and reviewing our security procedures to protect all of our customer information. The internet is one of the most powerful communication tools available and, unfortunately, criminals use it to defraud unsuspecting people. Scams to retrieve a CFNA customer's personal information can occur through many different channels, such as a phone call, email, or social engineering technique. While CFNA doesn't comb the dark web looking for customer data, we are alerted when it is discovered.
If you suspect fraudulent activity on your account or another person has improperly obtained access to your account, please call us at 800.321.3950.
If you suspect you're received a fraudulent email meant to look like it came from CFNA, please notify us by sending an email to Abuse@CFNA.com. If possible, attach the fraudulent email.