Account Takeovers &The Dark Web
The dark web is home to a variety of illegally acquired information including identity theft, user logins, credit card numbers, and more traditional theft such as digital copies of CDs and movies. User account information and login lists have become a big business item for a lot of cybercriminals and it can put your company at risk. Tools such as SpyCloud help keep you aware of what’s going on and if your login database matches any lists that are for sale. This type of theft leads to account takeovers which are detailed below.
Account Takeovers Explained
An account takeover is a specific form of identity theft. Unlike a data breach, an account takeover is performed not by bypassing security or hacking but by using an account’s sign-in information. These user credentials are often stolen in data breaches, phishing, or other common methods of internet fraud with lists of user logins being sold on the dark web to interested buyers. In many cases, those performing account takeovers sought the information second hand and didn’t illegally acquire it in the first place.
Once a cybercriminal has the login information, they use it to log into user accounts for the purpose of data theft, fraud, and monetary theft i.e. logins attached to bank accounts or earning accounts. Account takeovers are not a breach as they do not require security bypassing skills. They resemble phishing in terms of information use, despite having different methods of acquiring customer information. Account takeovers can be hard to detect and are often reported after the fact, however, through the use of dark web tracking, they can be intercepted.
Tracing The Dark Web
The majority of information stolen in data breaches, such as credit card information and user login and password lists, end up for sale on the dark web. For many cybercriminals, the money isn’t for information use, it’s to sell to others who find it useful. The old adage ‘knowledge is power’ remains true even in cases where knowledge is illegally acquired. Luckily, keeping track of what’s going on in the dark web is easier than you think.
Due to its anonymous nature, accessing the dark web (not to be confused with the deep web) is something anyone can do with the right tools. In many cases, all you need is a VPN and a properly configured web browser such as Tor. Neither tool is in any way illegal and you’ve likely used VPNs before in daily business, and many people with privacy concerns use Tor for general internet use. However, with these tools and knowledge of where to look, illegal sales and user information lists can be found.
If your company has never had a data breach and phishing protection is in place, you may think the dark web is of no concern to you. This is a bad idea that can leave your company vulnerable to account theft and cyber criminals trying to force their way into your system. Many of us are lazy and this extends to using a common list of go-to passwords and usernames for every login.
This means a completely unrelated data breach at a 3rd party company you have nothing to do with can leave your own users vulnerable if they’ve reused login information.
Final Thoughts
The prevalence of data theft and easily guessed passwords is challenging to keep users safe. With monitoring tools, you can track to see if the login information has been released on the dark web no matter where it originated from. Preventing account takeovers can be as easy as simply resetting a password, and once a user has updated their information, the leaked login no longer allows access, preventing any criminal activity. By monitoring the dark web, you stay ahead of information leaks (even if you’re not the source) and can prevent account takeovers through simple awareness.
We hope you enjoyed this promoted piece as much as we did!
