But what is it? Dark Web;
As we have already mentioned in a previous article, Dark Web is a part of the internet that is not easily accessible to the public. The users they use special softwares to acquire access into a sites of the Dark web. One of these is the Tor browser.
One of the biggest advantages of Dark Web is anonymity, which offers. For this reason, it is mainly used by fraudsters and malicious people hackers to do secretly illegal activities. The majority of sites include illegal services, dealing with the sale of narcotics, stolen personal data, weapons, etc. It is also used by journalists and scientists who want to communicate secretly.
What information is being sold to Dark Web;
One of the main goals of hackers when making one attack to businesses and individuals, is the theft of sensitive personal data. The information, which have a higher value and are sold in the Dark Web are as follows:
- Username and passwords
- Electronic payment information
- Credit Card Details
- Driving license numbers
- Diploma Information
- Passport information
- Medical records
- Account details
According to Experian, credit card details may be worth more than $ 100. If additional items such as banking are included information and personally data, the price is higher. Driving license numbers are worth about $ 20 and passport information of at least $ 1.000.
Why is it a business risk?
The businesses, whether large or small, are targeted by hackers. Why; Why business have a large number of data that can be worth a lot on the Dark Web. Think about how much information you have stored on your systems. This information belongs either to your employees or to your employees customers your. Some of their usernames and their names codes Access can give criminals access to personal and financial information about your business, the staff you or your customers.
How do criminals steal your business information?
Hackers are constantly developing new techniques to attack and to steal information of the victims. The most common of these techniques is:
The actor sends one e-mail to the victim and pretends to be a known company. The hacker fools the victim and asks him to open a malicious link. So he installs malicious software and steals data and credentials of the victim.
It is a kind of Phishing where the hacker usually mimics the employer or senior officer and forces the employee to enter personal credentials and other sensitive information on another site. It can also request to download a file, which also leads to data theft.
Ransomware attacks are among the most common attacks on businesses. Hackers encrypt victims' records and ask for money to bring them back.
Can we avoid theft of data?
Businesses of all sizes, storing information online courses, they need to take measures for their cyber security. Although the risk can not be avoided altogether, taking some measures can help.
Here are some tips:
- Never attach an attachment unless you first check the sender.
- Do not rely solely on your name and email address, when you control the sender.
- Do not respond to emails that are trying to cause you fear.
- Be aware of the email they have spelling and syntax errors. They are usually dangerous.
- Check them out headers of the email.
- Educate your employees both the theoretical and the practical level of how to control emails and what to do in any case.
How to improve your security;
Looking for personal information on Dark Web by yourself is a difficult, dangerous and time-consuming process. There are companies that can do this job for you. They can find out if any of your business information is on the Dark Web and let you know to take the appropriate action.
Also, these companies can also help in educating your employees. They can simulate phishing attacks to practice employees to recognize these emails.
This also applies to small businesses, which may think they are not in danger. In fact, according to Forbes, small businesses were the 60% of the victims of the 2018 attacks.