About this guide
Chapter 1: Where is the dark web?
Chapter 2: How do you access the dark web?
Chapter 3: What’s on the dark web?
Chapter 4: Protecting your employees from the dark web
The dark web.
If you’re like most folks, this is a term you’ve likely heard. However, you probably aren’t 100 percent certain what it means, where it’s located, and how cybercriminals use it to harm your employees.
That’s totally understandable — the dark web is an inherently confusing place that’s shrouded in secrecy. Even major media outlets struggle to paint an accurate picture. Some of the most respected names in journalism often get the details wrong, use incorrect terminology (which we’ll analyze in the next section), or cite outdated and incorrect statistics.
We created this guide to help clear up some of the confusion. In it, we show you everything you need to know about the dark web, as well as steps you can take to protect your employees.
But, before we can do any of that, it would help if we discussed where the dark web is actually located.
To understand where the dark web exists, we’ll need to examine the three layers of the internet: surface web, deep web, and dark web.
The surface web
Also known as the “visible web,” this layer of the internet is what 99.99 percent of the world uses. This is where you access Facebook, read the news, and search out delicious new recipes.
To view the surface web, you need just two things: an internet-capable device and access to the internet. There are no secret URLs to enter, specialized software to use, or confusing processes to remember. Just head over to Google, or whatever search engine you prefer, and the rest pretty much handles itself.
Here’s how that process might look if you wanted to use the surface web to sell some of your old books, providing you didn’t know eBay existed.
Go to Google
Search for “how do I sell stuff online?”
Google gives you results
You discover eBay
Although there are many similarities with selling goods and services on the dark web — a topic we’ll cover in greater detail later in the guide — the process works a bit differently. The important thing to remember here is that you didn’t need to enter in eBay’s direct URL or even know that it exits. That’s because eBay is indexed, as is every website available on the surface web.
This indexing is what makes the page “visible” to search engines.
While there are billions of indexed pages on the “surface web,” this accounts for only a small portion of overall webpages. In fact, some estimates suggest that the deep web houses as many as 500 times more pages than the visible web.
This isn’t necessarily a bad thing.
Inside the deep web
Before we discuss what the dark web is, it’s important we issue a disclaimer about what it isn’t. Despite what you may have read, heard, or seen, the deep web is not synonymous with the dark web. These are two very distinct entities.
So, what is the deep web?
Also known as the “invisible web” and the “hidden web,” the deep web consists of all the online pages that aren’t indexed by search engines. The vast majority of these sites are completely legal. In fact, a great many of them are vital to how we securely use the internet.
The following are all examples of pages that exist on the deep web:
Email -- Gmail
Online banking -- Wells Fargo
Subscription video services -- Hulu
Healthcare records -- Aetna
Payment information -- Visa
Messaging apps -- Facebook Messenger
Paid media sites -- New York Times
File sharing Apps -- Dropbox
The above examples illustrate how critical the deep web is to society as we know it.
You certainly don’t want someone to access your online banking info or message history by simply conducting a search. The deep web is equally vital to businesses. Subscription services like The New York Times and Netflix depend on subscriber revenue to operate. Without the deep web, anyone could access this content and the websites and services would quickly go extinct.
You can access the vast majority of the deep web via traditional hostnames and the same browser you use on the surface web. Additionally, the URLs you visit consist of website suffixes with which you’re familiar, such as .net, .com, .org, .gov, and others.
This is not the case with the dark web.
The dark web’s location
At the very bottom of the deep web is the dark web, and it is an entirely different beast.
While the deep web’s content is essentially hidden from search engines, you can access most of this information in the same way you do sites on the surface web — as long as you have the proper credentials and access.
This isn’t the case with the dark web. While the dark web uses the internet, it’s only accessible via special software, authorization, or configurations. If you were to try to access a dark website with a traditional browser, like Chrome, Safari, or Internet Explorer, you would receive an error message.
Instead, you must use a special browser called Tor Browser. Additionally, there are no .coms, .nets, or any other web suffix you’ve probably used in the past. There are only URLs that end in .onion.
Now, let’s take a look at how one would access the dark web.
Step 1: Connect to a Virtual Private Network (VPN) *optional
Before connecting to the dark web, many users will first connect to a Virtual Private Network. Known more commonly by the acronym VPN, these services are critical to maintaining a user’s anonymity and security online.
A VPN allows you to browse the web privately by creating an encrypted “tunnel” between you and the remote VPN server. By routing all external internet traffic through the VPN, it protects your data from being viewed by your internet service provider (ISP). Instead of displaying the IP address of a user’s device, it instead shows the IP address of the VPN or an entirely fake IP.
To be clear, a VPN isn’t required to view the dark web. However, hackers, cybercriminals, and identity thieves are most certainly using them — and they’re not the only ones. Privacy advocates worldwide encourage all internet users to utilize VPNs when browsing the web.
We won’t delve into the specifics within this guide, but it’s worth noting that some users choose to connect to a VPN after launching Tor Browser. There are benefits and drawbacks of using each connection sequence.
Step 2: Use Tor Browser
To visit a .onion site on the dark web, one must use Tor Browser.
It’s important to note that not everyone who uses Tor is a cybercriminal, hacker, or identity thief. Tor is a vital resource for those who seek to do good as well. Here are just a few of the ways this browser helps create a safer and more private world.
You can learn more about how Tor Browser functions by watching this nifty video. However, we won’t delve into the technical aspects here. For the purposes of this guide, you only need to know that the software allows users to access hidden sites by hindering others from discovering a user’s true identity.
We use the word “hindering” instead of “preventing,” because no method works 100 percent at obscuring a user’s identity. Risky user behavior can undermine even the most sophisticated identity-masking technology.
Types of illegal activity on the dark web
Due to the anonymity the dark web offers, there’s no surprise it’s used by a wide variety of criminals, including:These criminals can sell their services in a variety of ways. However, the most popular is through illegal marketplaces.
How do illegal marketplaces on the dark web work?
It can be difficult to imagine, but illegal marketplaces on the dark web function much like the large e-commerce sites on the surface internet. In fact, they are very similar to eBay and Amazon. But instead of purchasing ink for your printer or a necklace for your daughter, you could purchase 200 pounds of cocaine or a fake passport and Social Security card.
One of the most well-known marketplaces is DreamMarket (DM), so we’ll use it as our primary example. The screenshot below is how the DM homepage appeared on the morning of December 17, 2018.
Let’s take a closer look at some of the many offerings.
Items for sale on the dark web
The first thing you’ll notice is the “Browse by Category” navigation feature, which sits in the upper left corner. There are five major categories here: Digital goods, drugs, drugs paraphernalia, and services.
The Digital Goods category contains a wide array of downloadable material. You can purchase materials relating to data, drugs, ebooks, erotica, fraud, hacking, information, security, software, and miscellaneous items that don’t fit into a larger category.
This one is pretty self-explanatory. However, the range of drugs offered and the sheer quantity available for purchase is staggering. Dream Market organizes their offerings into the following categories: barbiturates, benzos, cannabis, dissociatives, ecstasy, opioids, prescription, psychedelics, RCs, steroids, stimulants, weight loss.
Each of these categories contains subcategories. Let’s take “stimulants” for example, which has nearly 13,000 listings. These are sorted into the following five subcategories: cocaine (7,015), meth (2,030), prescription drugs (287), speed (2,712), and pills (226). The numbers in parentheses indicates how many separate listings there are.
Not every drug featured on DM is illegal either. Many legal drugs are sold here as well, such as insulin for diabetics and rescue inhalers for asthmatics.
Drug paraphernalia consists of devices and tools that aid in the use, manufacturing, or selling of drugs. For example, you can purchase bongs and meth pipes, as well as scales and production chemicals.
This catchall category contains items that are not related to drugs, services, or digital goods. These are broken into the following sub-categories: counterfeits, electronics, jewelry, lab supplies, miscellaneous, and defense. Each of these subcategories can be further expanded.
For example, the counterfeit section consists of many offerings. As you can see in the below image, you can purchase counterfeit money from around the globe, fake designer apparel, and much more.
The services category is arguably the most-frightening of any offered on Dream Market. As of the writing of this guide, there are nearly 6,000 listings in the following subcategories: hacking, IDs and passports, money, other, and cash out.
A user can easily purchase Date of Birth finders, Social Security number tools, passcodes, fake driver’s licenses and passports, compromised login credentials, and much more. In many instances, identity thieves will offer bulk pricing for compromised employee data and credentials.
This includes credit card numbers.
Take a look at the following listing. For less than $20, cybercriminals can purchase more than 2,000 credit card bank identification numbers. And judging by the seller’s number of transactions and favorable review score (topics we’ll investigate further in our guide), the identification numbers are likely accurate.
Making purchases on the dark web
What might surprise you about illegal marketplaces on the dark web is how closely they mirror actual business marketplaces. Let’s take a closer look at some of the greatest parallels.
User review and rating system
As with Amazon, eBay, and other large retailers, online marketplaces encourage buyers and sellers to rate and review their transactions. With each product listing, you can view the seller’s number of successful transactions and their average rating. The below image shows an MDA seller who has successfully processed 600 transactions and has an average user rating of 4.91 out of a possible five.
Ratings are categorized by star level (one through five) and date of transaction (newer than one month, between one month and three months, and older than three months).
Buyer reviews contain dates, star ratings, comments, and transaction amounts.
Making payments and the use of escrow accounts
With all of the security undertakings users have exercised to this point, it wouldn’t make much sense to make a purchase using their debit card or a personal check. Thus, cryptocurrency is the preferred payment method on the dark web. (Cryptocurrency is another highly-technical topic that warrants its own ebook.)
For now, all you really need to know is that cryptocurrency allows users to purchase and transfer funds securely and anonymously. The most popular unit, and the only one accepted at Dream Market, is bitcoin. As a point of reference, one bitcoin is currently worth around $3,400.
Using escrow accounts
Buying $20,000 worth of cocaine from online strangers can be stressful. That’s why many dark web marketplaces allow you to place your funds in escrow. Sellers can initiate a payment and finalize the transfer of bitcoins when they receive whatever item they purchased.
Terms of Service
Like any marketplace, those on the dark web often contain terms of services (TOSs). This is true for both Dream Market and the sellers who use the site. Here’s a sample TOS from a psilocybin dealer. As you can see, the seller relays important information regarding quality guarantees, shipping and handling information, as well as delivery options.
Dream Market also offers its own TOS for vendors and buyers, which includes forbidden products and services. In case you’re wondering, DM bans assassinations and other services that involve harming others, weapons of mass destruction, fentanyl (the only banned drug), weapons, poisons, child porn, and live action media involving violence and murder.
These values, as limited as they might be, make Dream Market one of the most “ethical” marketplaces on the dark web. There are many others designed specifically for the trade of child pornography, murders for hire, and terrorist activities.
If you’re like most folks, at this point you may be feeling overwhelmed by the many and various dangers lurking on the dark web. Recent events aren’t helping either. It seems that each week brings tales of yet another disturbing new data breach, hack, or ransom demand.
The good news is there are steps you can take to protect your organization and employees from the risks of the dark web. And the even better news is that you’ve already started the process by educating yourself on the danger that exists in today’s digital era in reading this article.
As is so often the case with important things, the best form of protection lies in prevention. If your organization doesn’t already have a robust cybersecurity plan in place, you should develop and implement one ASAP.
If you don’t know where to begin, there are many outside agencies you can hire to help you bolster your security. Keep in mind, not all services are created equal. At bare minimum, you need a solution that offers the following protections — all of which come standard with InfoArmor’s VigilanteATI service:
Deeply embedded operatives
You can’t rely on third-party news feeds or automated data collection. You need a solution that leverages human operatives and researchers to provide real-time intelligence and analysis that traditional providers can’t deliver.
Your solution must protect your perimeter from external threats. This entails using multiple assessment techniques to continuously monitor and identify your areas of exposure so you can bolster your defenses.
Dark web forum access
Hackers collaborate in highly-restricted forums, and you need to work with providers who have spent decades cultivating trusted personas to engage as part of the community. This access and knowledge will help alert your company to emerging threats so you can act preemptively.
Breach intelligence and third-party exposure
If your data has been breached or exposed, swift action is key. A quality provider will offer key insights into real-time risks and help you take decisive action that may be the difference between protection or exposure.
Given the fact that the majority of American workers have already had their identities compromised, we also recommend offering identity protection as an employee benefit. This will help protect your employees from the many risks posed by identity theft.
Be certain any plan you consider contains the following features, all of which come standard with PrivacyArmor Plus:
Dark web breach notifications
Deceased family member remediation
IP address monitoring
Social account takeover
Unlimited TransUnion credit reports and scores
Annual tri-bureau report and score
Fraud reimbursement and fraudulent tax refund advances
Full-service fraud remediation with a dedicated Privacy Advocate®
Accounts secured with two-factor authentication
Pre-existing identity theft coverage at no extra cost
Generous family coverage that includes kids, parents, in-laws, and other dependents
living at home
In-house Privacy Advocates available 24/7
No age cap on minors or “aging out” of coverage
$1 million identity theft insurance policy
If you’d like more information on how to protect your employees and company, the following resources might help.
Dark web: the part of the deep web which can only be accessible via special software that allows users and website operators to maintain anonymity
Deep web: the part of the internet which can’t be discovered by using standard search engines (ex: password-protected pages and the dark web)
Employee identity protection: an employee benefit that protects your employees’ identities, privacy, and finances
Indexed pages: website pages that exist on the surface web and can be found by using search engines like Google
Non-indexed pages: website pages that exist on the deep web and cannot be accessed using traditional search engines
PrivacyArmor: a best-in-class employee identity protection benefit
Surface web (surface internet): the part of the internet that can be found and accessed via traditional search engines (see also visible web)
Tor Browser: a special web browser that allows users to view the internet anonymously and connect to .onion URLs on the dark web
URL: standing for Uniform Resource Locator, this is the address of a given webpage (ex: www.google.com)
Visible web: the part of the internet that can be discovered by using traditional search engines (see also surface web)
VigilanteATI: InfoArmor’s award-winning advanced threat intelligence solution
VPN: standing for Virtual Private Network, these networks anonymize and encrypt user data so they can more securely and privately use the internet