DID YOU KNOW?
39% of adults use the same or very similar passwords for multiple online services, which increases to 47% for ages 19-29.
The average employee has 191 passwords.
PATHWAY OF DISASTER
- Work credentials are used for Personal Sites
- Sites are hacked and breached daily.
- Stolen data is sold at auction on the Dark Web
- Data is used to build a highly personalized attached against your business.
What is the Dark Web?
- A Hidden Universe contained within the “Deep Web” – a sub-layer of the Internet
- Reachable only through a special browser
- Search Engines like Google, BING, Yahoo only search 0.4% of the indexed or “surface” internet.
- The other 99.6% of the web consists of databases, private academic and government networks and THE DARK WEB.
- The Dark Web is estimated 550 time larger than the Surface Web.
- You can operate Anonymously = illegal activity.
- Comes with the warning “Don’t Try This At Home”
- Never enter the Dark Web on a regular computer, especially one linked to a network.
How Does Knowing What’s in the Dark Web Help You?
- If you chose to monitor the Dark Web for your business credentials, you will quickly know when they show up for sale on the Dark Web.
- Change your passwords immediately to something complex and very different from the password stolen.
- Breaches are typically not discovered for months after the breach occurs. This provides a proactive method to reduce the likelihood of being a victim.
How Does This Service Discover Credentials on the Dark Web?
- The data discovered is verified
- Some sources don’t guarantee if the data is real or fake
- Includes not just an email address
- Includes the associated PASSWORD
- Includes the source of the breach once acknowledged by the victim. Until then it includes the place it was found, ex. ID Theft Forum.
- Includes type of other credentials discovered with the breach – address, SS#, etc.
- Data harvested from sites that require credibility or membership within the hacker community.
How is Data Stolen?
- Keylogged or Phished
- Data was entered into a fictitious websites or extracted through software designed to steal PII (Personally Identifiable Information)
- 3rd Party Breach
- Data exposed as a part of a company’s internal data breach or a 3rd party website.
- Accidentally exposure
- Data accidentally shared on a web, social media or peer-to-peer site
- Data was intentionally broadcast to expose PII
- Many site encrypt your password
- Encryption is better than clearly seen
- Encrypted passwords can be unencrypted ~25% of the time using websites
- This is an example of an encrypted password: C0a20267f9f1e4469f8eb7bf45704218293412db
FREE 1-TIME DARK WEB SCAN
- Enter your work email to scan your business domain.
- One per business
- Results are reviewed in a confidential meeting
WEEKLY CYBER SECURITY TIP EMAIL
- Sign up online
- Unsubscribe anytime