My first experience on the dark web.

Why did I want to see the Dark Web?

Like many others in the world, I was a victim of data breaches. One question: what was the big deal? The year is 2019 and I now know what a data breach is, no idea why it mattered. An example that opened my eyes was the attack on companies who had sensitive items like SSNs. Most of the data was for sale in this placed called the Dark Web. This was where you could do illegal business with some level of anonymity. Years have shown that there are cracks in that system that can be exploited. I took care to research some before randomly pulling this data. VPN, Tor Browser and other advice will come standard in a “Access the Dark Web” tutorial. What may be more important is to try and not do this from your everyday device. More advice on that later.

The Deep and Dark Web?

There is a major difference in the deep web and the dark web. Another word you should remember is clearnet.

Right now you are reading this on the clearnet. Your everyday browser can find this link and most crawlers on the internet have indexed it. Your everyday search engine generally returns the most known results. If you want to find something old on the clearweb, try “wayback machine” first. The deep web is still on the clearnet, but this part of the internet is where most should consider the “Go Back, not safe” warning. All sorts of scholars may find themselves in the archives of the web although there is a shady place for less scholarly activity. You can use some researching to find these areas or clever searches. The dark web is what you want to hear about. This is the place that lives on onions and I2P. Let’s dive in with how I found my data breach.

Surf the Dark Web

It is now 2021 and I knew the name of the company but nowhere to look for data that shouldn’t be available. If you watch or read any news, you may have heard about Breach Forums. I created some emails to use and signed up. Funny thing, users were banned for that, I guess I slipped by. A quick “Hello” to show some Forum manners and I was off to searching. Whenever you want to search places like this, yes use a VPN, yes use Tor Browser. This protects you from the waiting scammers as well as prying eyes of your censoring official. Searching is done. Wait, no bitcoin payment? No secret transactions? The data was free outside of exposing your username in the comments. I found my breach and downloaded it. Over time I ran a search for any emails I used around the time and finally laid eyes on what criminals value so highly at times. I did this solely with the intent of confirming any other data that could have been found in that specific breach. As data leaks continued, I sought to keep tabs on my information and this was a way to do it best. Word of caution, dispose of the data when you are done. Keeping record of this material is not recommended without select cases. If you choose to keep it, there are secure methods of storage you should explore. I will not make any suggestions.

So I did it. What would I look for next? I didn’t want to buy anything or hurt anybody, just wanted to know where to find my information without paying a company for monitoring. I mentioned in another story you should be careful when looking for certain information. Why? You could find yourself on Dream Market for the first time and be a victim, or you could find yourself on the bad side of a rendezvous. Short story on Dream. There are places you can go to request questionable things or just get illegal goods delivered. The agencies began to use some of the same tricks to lure criminals and Dream Market was an example of one success. You can find all sorts of readily available information in these forums but some “questionable” things will possibly land you in the hands of law, or scammed by a more experienced user. There are valid reasons to explore the corners of the web, be wise.

A note for parting

A little known group called data brokers store massive amounts of information that users have entered all across the internet. There are public pages such as non private social media accounts and surveys, then there are paid resources like White Pages. A statistic shows that most SSNs are already exposed from attacks over the past decade or two. Knowing somebody could hypothetically google my name and find most of my data was creepy...until I googled myself. So what would happen if they found my SSN and used the free information brokered in various corners of the web? Identity theft is the main answer I wanted you to grasp.

Alohamora.