The dark web is a network of websites that masks the identities of website operators and users. These sites can usually only be reached by using a browser that keeps the user anonymous. The dark web should not be confused with the deep web, a much larger group of websites that can be reached by ordinary browsers but is not indexed by search engines.
The dark web is used by individuals who need to conceal their identities. That includes whistleblowers, dissidents and criminals. Stolen personal information that can be used for identity theft is routinely bought and sold on the dark web. Understanding what the dark web is, how it works, how information ends up there and what can be done with it can help you protect yourself against identity theft.
The Three Internets
The vast collection of information that we know as the Internet can be broken into three parts.
The Public Web
The public web is the internet we all know: the sites that are indexed by search engines and are thus available and accessible to the general public. All of the news, shopping, social media, photo and video sharing, blogs and other sites that we visit daily are part of the public web.
Sites on the public web want to be found and compete to attract attention from search engines. Web pages on the public web are easily accessible with a web browser either by clicking a link or typing the URL into a search bar.
The public web, for all its size and scope, contains only about 4% of all the information on the internet.
The Deep Web
The deep web contains all websites that are not indexed by search engines. This is the vast majority of the information on the Internet: over 90%. Most deep web material is not illegal or dangerous, it’s simply private. It includes school and company intranets, online databases, members-only or paywalled sites and even email accounts. Your Gmail account, your Google Drive, and your Dropbox account are all part of the deep web.
Material on the deep web is often accessible through conventional browsers but is typically password-protected and not locatable by search engines. So, a public page might prompt you to login, and once you do you can browse the private content in the same way you would the public content.
The Dark Web
The dark web is part of the deep web, but it’s a very small part. Estimates of its size vary widely but must place it at 3% of the internet or less, by some estimates much less.
Accessing the dark web isn’t about traditional URL searches or log in protection. Instead, these sites are typically hidden in encrypted networks and require specific software to access. Sites on the dark web are also often encrypted to conceal the IP addresses and identities of their operators and their users.
Sites on the dark web are not locatable by search engines, so alongside requiring special software most sites on the dark web will need you to know the exact URL. They usually aren’t password-protected, however, so anyone with the URL and a compatible browser can reach them.
How Does the Dark Web Work?
Most dark web sites use software called The Onion Router (Tor) network. This network uses encryption to hide user traffic from users outside the networks so that it remains private.
Take web traffic on the public web. When you surf to a web page, your web browser makes a direct connection to the website’s server to get the page and its data. While you can encrypt this data exchange, it is relatively simple for someone else to, at minimum, see what parties are requesting and sending data.
Tor traffic, however, uses the concept of “layers” to keep traffic private (hence the “onion” router network). When you request a web page on the Tor network, your request is routed through several different servers. Each time your page request moves through a different server, it gets a new layer of encryption. This way, no one from the outside can accurately determine what data you sent and where you sent it from. Once the Tor website gets the request and sends the data back, the layers of encryption are removed one at a time through different servers.
A website running on the Tor network is called a Tor hidden service and can only be reached by Tor users. Both the site operator and the visitors are anonymous and cannot be identified.
Tor hidden services use the suffix .onion (instead of the more traditional “.com” or something similar). “.onion” domains are not indexed by conventional search engines. Most users locate the web addresses of .onion sites on Reddit or other forum sites, or through a number of Tor hidden services like The Hidden Wiki (or a variant of that name) that serves as a database of .onion sites. There are several Tor hidden services that operate dark web search engines, but their reach is usually limited.
Once a user finds a Tor hidden service dedicated to a certain area of interest, whether legal or illegal, they can often find the other .onion sites catering to the same interest on that site.
The dark web is not really hidden. Anyone who can download and install the Tor browser and locate a .onion URL can reach it. What’s hidden are the identities of the site operators and users.
Who Uses the Dark Web?
Not everyone on the dark web is a criminal. Most law-abiding internet users have little or nothing to do with the dark web, and many are barely aware that it exists. Many ordinary citizens who are concerned about censorship and surveillance, however, use Tor or similar services and popular websites such as Facebook have set up dark web branches to cater to them. The dark web is also used to protect the identities of whistleblowers and dissidents living under repressive regimes.
Criminals do have a significant presence on the dark web. The recent “Silk Road” drug busts highlighted the use of the dark web for criminal activity, and also revealed that while the dark web enhances anonymity it does not assure it.
Many types of criminals use the dark web to communicate and make deals, including pornographers, arms dealers, drug dealers and many others. The dark web has emerged as a place where identity thieves buy and sell stolen personal information: the International Monetary Fund claims that stolen identity documents are the second most traded item on the dark web, after pharmaceuticals.
Identity Theft and the Dark Web
Identity theft is a concern for everyone. Even if you have never committed a crime or looked at the dark web, your personal information could be for sale there.
There are several ways for personal information to end up on the dark web:
- Data breaches are a common source of information. Breaches of financial institutions or other major firms are well publicized, but many less prominent databases are not as well protected and can be penetrated by hackers or with the use of inside information.
- Theft of personal documents is another common source of personal information. This can mean anything from a stolen purse or wallet to a credit card statement or bank statement recovered from a dumpster or stolen from a mailbox.
- Some thieves specialize in using open-source data to fill in missing details and create full theft-ready identity profiles. “Fullz”, or complete packages of identity data on an individual, are among the prime identity theft commodities on the dark web.
Personal data for millions of Americans has been compromised, and much of it is for sale on the dark web. It may not be used until months or years after it was stolen.
How Can I Protect Myself?
Identity theft is a large and growing problem, with millions of Americans victimized every year. You can take steps to protect yourself.
- Pay attention to online information security. Use strong passwords and change them regularly, especially when financial information is involved. Avoid including financial information in email. If you must send it, distribute it in several messages.
- Pay attention to physical document security. Don’t carry your Social Security card or other documents that contain your Social Security number. Destroy any financial documents before disposal.
- Watch your bank and credit card statements carefully. Follow up on any suspicious transactions.
- Check your credit report regularly for accounts or activities that aren’t yours.
- Consider a credit monitoring service that will alert you to any new activity on your credit accounts.
- If you want more protection, consider an identity theft protection service. Many identity theft protection packages include regular dark web searches to see if your information is for sale through known dark web channels.
You cannot guarantee that you will never be victimized by identity thieves, but you can make yourself a more difficult target. You can also act to catch any breach early and contain the damage. The longer identity theft goes undetected, the greater the damage and the more difficult the recovery will be.
Should I Worry?
The dark web is out there. Much of what goes on there is distasteful and most of us want nothing to do with it. We can still be affected if our personal information is for sale on the dark web. Once information is compromised it can easily be duplicated and may be for sale in many places.
Even if you have no reason to think your information has been compromised, basic precautions will help you protect your identity. If you know or suspect that your information has been compromised you may want to consider more active security measures, including services that actively search the dark web for your data.