The Dark Web
Think of it as the sinister version of the internet.
It’s not easily accessible and is used extensively by criminals to buy and sell stolen goods and products.
It’s where cybercriminals sell the data they have stolen, such as bank account details, passwords, customer data, names, addresses and more.
It’s also where other criminals buy such data in order to clone credit cards, take out loans, drain bank accounts and generally ruin your business.
Why does this apply to my business?
Lots of businesses are unaware that their data has been stolen in the first place and the first time they realise something is wrong is when their business is compromised.
This can be in the form of:
• Money disappearing from your bank account
• Loans being taken out in the company name
• Customer data going missing
• Being locked out of software and social media platforms
• Damaging changes to websites
• And more.
How do they get the data in the first place?
Generally, from phishing emails – sophisticated fake emails that attempt to trick the target into doing what the scammer wants.
That might be handing over passwords to make it easier to hack a company or altering bank details so that payments go to fraudsters instead of the correct account.
The aim and the precise mechanics of the scams vary: victims might be tricked into a clicking a link through to a fake webpage with the aim of persuading the user to enter personal information (it’s estimated 1.4 million of these fake websites are created every month!)
Other campaigns involve tricking users into downloading and installing malware – for a stealthy approach to theft – or inadvertently installing ransomware, which enables the criminal to shut off all systems and hold the business to ransom, providing the attacker with much more immediate profit.
How can we help?
Firstly, we can monitor the dark web to see if your data is for sale.
We will produce monthly reports that list the email addresses, passwords, and where they are for sale, so you know which passwords to change to secure your information.
Secondly, as the majority of phishing emails are inadvertently opened by staff, we offer bite-sized, online training modules (5-10 minutes each) to show staff what to look out for.
This is followed up by a series of test phishing emails (sent by us) to see which staff are still engaging with scam emails and need extra training.
What to do next:
Simple, get in touch with us and let’s have a chat about keeping your data off the dark web and protecting your company.