How financial crimes are hidden in the dark web
The internet can sometimes be a murky place. It is a vast, decentralised network that has revolutionised the way we live in both positive and negative ways. Many people will be familiar with cyber-crime and the risk of having credit card information or your identity stolen, but are perhaps not as familiar with the darker recesses of the internet. There are places that exist beneath the surface of the ordinary web which are inaccessible to the majority.
These places are collectively known as the dark web and are where criminals can anonymously exchange goods and information outside the reach of police and security services. The dark web has inspired thousands of headlines on drugs and explicit images, but the truth is maybe a little different. Ignoring the hype, we take a look at exactly what the dark web is and the risks it creates.
What are the dark web and deep web?
Firstly, it is important to understand the different layers of the web – the surface web, the deep web, and the dark web. The surface web is any content that can be catalogued by search engines, these include the types of website we all use every day, which search engines like Google ‘index’ by following hyperlinks and tracking keywords.
Content in the deep web is not necessarily completely hidden or anonymous, but it cannot be indexed in the same way as the surface web. This includes content that is behind firewalls, paywalls and other types of protection, or things like a website’s internal search results.
The dark web is a section of the deep web that is deliberately hidden and cannot be accessed with regular web browsers. The dark web came about as a result of the US government developing software known as Tor in the mid-nineties. It was a way of allowing intelligence to be shared around the world without fear of interception. It works by encrypting a user’s location and the information they send and receive, ensuring privacy and anonymity. Inevitably a community of users grew that exploited this security for illicit means – giving rise to ‘the dark web.’
Financial fraud and the dark web?
However, the size and nature of this layer of the web may be overhyped or misunderstood. It may be the case that people confuse the huge deep web with the dark web (which is a subsection of the deep web), or that the salacious headlines about places like Silk Road create the idea of a digital Wild West. Whatever the reason, research from Intelliagg shows that the dark web is made up of only about 30,000 websites and that 48% of the content could be deemed illegal.
Interestingly, 40% of this illegal activity was categorised as ‘leaked data’ or ‘financial fraud’ – indicating that the dark web is an important tool for criminals looking to compromise or abuse personal financial details, such as credit card numbers or bank log-in details, to be able to engage in credit card fraud. Considering there were 5.1 million incidents of online fraud in England and Wales in 2014-15, the potential growth in the use of anonymous marketplaces and forums to sell financial data is huge.
The types of data available to buy on the dark web often come in packages. Some may contain basic pieces of data like a credit card number, name and CVV2 code, while others can have a ‘dump’ of the data that is stored on the magnetic strip of a card, allowing it to be cloned.
Certain websites will even offer a package containing the full financial information of a victim – allowing the criminal to open false bank accounts where they can transfer and store their illegal gains. Such details can often change hands for as little as £5 - £10 per card and it is often more profitable to sell financial information than to use it for fraud.
How thieves steal financial information
Financial details can be obtained in several different ways, common methods include ‘phishing’, ‘skimming’, malware or data leaks. Phishing will usually involve a fake email or website that entices a user into entering their credit card details in good faith. Skimming is the use of a device mounted to a card reader – either in a store or at a cashpoint that stores the card’s information when swiped.
Malware is software that is secretly installed on your computer when you visit an unsafe website or download an infected file – it will search for data stored on your computer and track when you enter information into forms.
Data leaks are when a website or company that stores a large number of card details gets hacked – such as in 2015 when Carphone Warehouse suffered a breach that exposed the personal data of 2.4 million customers including the credit card details of up to 90,000 people.
There are simple steps you can take to lower the risk of being a victim of financial fraud which mainly involve being vigilant when sharing any personal details online. It is also a good idea to check your bank’s policy when it comes to requesting personal data – most will never ask for a password or pin over the phone for example – so that you can spot unusual requests more easily.
If you are worried about the security of your personal data, your Equifax Credit Report & Score – free for the first 30 days then £7.95 monthly – comes with WebDetect, which alerts you if it discovers your financial details have been shared on websites used by fraudsters, helping you to respond quickly to potential threats. You also get unlimited access to your credit report online and alerts of any significant changes to your report.
- How to report identity theft
- How to protect older people from being scammed
- Using contactless mobile payments and apps
- Safeguard your personal data when using smart home assistants
- Safeguarding your family’s personal data on smart toys
- How your identity could be stolen offline
- Protect against ID theft when making mobile payments
- Online Fraud Terminology
- What is anonymous browsing?
- Distributed Denial of Service explained
- How secure is your email?
- Identity theft and fraud explained
- Financial fraud explained
- Best practices for avoiding identity theft
- Stay safe online: Creating a secure password
- Scam avoidance: A few ways to help stay secure
- Are smart gadgets putting you at risk of identity theft?
- Helping your children stay safe online
- Should you share your location on social media?
- Safeguard your personal information on video game consoles
- Would you do internet banking on your smart TV?
- How fraudsters use Wi-Fi hotspots to steal data
- How to avoid email fraud
- Preventing your child’s identity from being stolen
- Keeping your personal information secure when moving home
- Protect yourself from becoming a victim of SMS phishing
- Protect against identity theft when sharing photos online
- Safeguard your identity on mobile apps
- Your social media profile and identity theft
- What is credit card fraud – can you prevent it from happening to you?
- How fraudsters can hijack your browser
- Safeguard your identity on Facebook and other social media sites
- Going on holiday - keeping your identity safe
- How to prevent smartphone identity theft
- Shopping online – staying safe against identity theft
- How to spot and avoid romance scams
- Facial recognition and identity risk
- Dealing with phishing phone scams
- How cyber attacks happen
- Safer Internet Day – protecting children online
- 7 Signs of Identity Theft
- How to avoid contactless card fraud
- What Are Data Breaches?
- How to Spot a Phishing Email
- ID Fraud Overview
- How much do you know about the Dark Web?
- Are you losing your identity?