Scary warning signs that hackers are selling your private information on the dark web – and five ways to stop it

SENSITIVE information such as your credit card number and bank account details could be for sale in the underbelly of the internet.

The dark web is the part of the internet that is not indexed by search engines.

It can only be accessed using a special browser called Tor, short for The Onion Router.

Popular media paints it as a haven for criminals, rife with illegal activity – and although the image is dramatized, there is some truth to it.

The dark web, like the publicly accessible clearnet, is full of forums where hackers gather to share stolen data.

Cybercriminals often try to profit from data breaches, and the information – credit card numbers, login credentials and more – can be sold for tens of thousands of dollars.

In May, a group called ShinyHunters claimed responsibility for a TicketMaster hack that exposed private data of more than 500 million account holders.

ShinyHunters attempted to sell this information for $500,000 on a dark web forum, although it is unclear whether the group ever made the sale.

Since the dark web is not indexed, these dark forums will not appear in a simple Google search.

This makes it difficult to know whether your information has reached the most remote corners of the Internet.

The best way to know for sure is to sign up for dark web monitoring, a service offered by professional cybersecurity companies.

By comparing your information with information on the dark web, these companies can determine whether you have been included in a data breach.

Companies will also notify you if they believe your credentials have been exposed. TicketMasterfor example, it sent letters to millions of customers last month.

If you are unsure of the extent of the damage, carefully monitor your accounts for suspicious activity, which may come in the form of unknown purchases or frequent attempts to log into your accounts.

If you are unlucky enough to be included in a data breach, start changing your passwords immediately.

A strong password is at least 16 characters long and uses a large mix of upper and lower case letters, numbers and symbols.

3

You should also enable multi-factor authentication (MFA) whenever possible.

MFA requires you to prove your identity in two or more ways before accessing your accounts.

This may involve sending a password to your phone or email address or using a biometric identifier such as a fingerprint.

If your information was found on the dark web, you could be a victim of identity theft.

It’s a good idea to place a fraud alert on your credit report to prevent criminals from opening credit accounts or taking out loans in your name.

3

If your Social Security number has been compromised, claim it on your Social Security Account As soon as possible.

You must block your Social Security number, which will prevent anyone from changing or accessing your Social Security registration – including yourself.

This makes it difficult to borrow money or get a new job.

To avoid headaches, you must act to protect your information as soon as you know you are a victim.

How are scammers finding my number?

Here, Mackenzie Tatananni, science and technology reporter for The US Sun, explains how a scammer can get your information.

Scammers often obtain phone numbers through data breaches, which occur when a hacker accesses a private database – usually those maintained by companies such as contractors and employers.

This information can be shared and disseminated online, including on the dark web, where there are forums dedicated to sharing leaked information.

Another common technique called wardialing employs an automated system that targets specific area codes.

A recorded message will instruct the listener to enter sensitive information such as card number and PIN.

There’s also a much more distressing possibility: your phone number could be listed online without your knowledge.

Data brokers are eager to buy and sell your information. These companies collect information from a variety of public online sources, including social media and public records.

Its main purpose is to build databases of people and use this information for personalized advertising and marketing.

Much of this information ends up on public records websites, which display information like phone number, email, home address and date of birth for anyone to see.

In the United States, these sites are legally required to remove your information if you request them.

Locate your profile and follow the cancellation instructions, but be warned: these sites don’t make things easy and are out to frustrate you and prevent you from completing the deregistration process.

To put it simply, you can also use a tool to clean your information from the Internet.

Norton offers one of these services. Called Privacy Monitor Assistant, the tool finds information online and requests removal on your behalf.

It’s also possible that your phone number is linked to a social media account and is publicly displayed on your profile – this happens quite often on Facebook.

Be sure to review your privacy settings and confirm that this information is hidden from prying eyes.