What is the Dark Web?

‘The Dark Web’ is a phrase which carries connotations of terrorism, political upheaval, drug deals and pornography. It is true that those activities do proliferate there under a cloak of anonymity, but the Dark Web also provides a home for many more mundane activities.

Protect your friends by sharing this article with them:

The first thing to understand is that the Dark Web is a specific, and intentionally hidden, part of the Deep Web.  The Deep Web describes ‘the rest of the internet’ which is not indexed by the common search engines which cover the visible (or surface) web.  The secure part of your bank account is part of the Deep Web and we are all happy that a simple search on Google can’t direct people to look at your current account balance.  Other examples of the Deep Web include content behind subscription-only paywalls like The Times or The Economist, corporate intranets, your email account and your medical records.

The Dark Web requires a specific web browser, TOR, to be able to search for content.  It does carry an ominous and murky label, but not everything on the Dark Web is harmful. However, for the purposes of this introduction we will assume it is harmful.  If you have managed this long without engaging with the Dark Web then you probably want to keep away from it. We think a little knowledge and awareness will help you achieve that.

The Dark Web History

The Dark Web was created by the US government to allow spies to anonymously exchange information.  TOR stands for The Onion Router.  It was developed by US military researchers and released into the public domain in the mid-1990s.  TOR is specialist software that allows individuals to communicate anonymously and move between websites without leaving a trace. It was designed to make it extremely difficult to track the electronic communication and website visits made by an individual.  It will come as no surprise that it didn’t take long for criminals to recognise the opportunities it provided to exploit people online from an anonymous place of safety outside the easy reach of the law.

In 2019, Dr Michael McGuires of the University of Surrey, showed that things have worsened with the number of Dark Web listings rising by 20% since 2016.  He discovered that of all the listings, excluding those selling drugs and narcotics, 60% could potentially harm any enterprise.   The Dark Web has also been the place where most Bitcoin transactions take place, another way for criminals to ‘leave no trace’.

Fake COVID-19 Test Results and Vaccine Certificates

The growing menace to society from the Dark Web is evident in the recent explosion of Covid-19 related activity. Cyber-security experts Check Point published a blog that shines a light on this new hotbed of activity.

  • Fake ‘vaccine passport’ certificates on sale for £180 – users simply send their details and the money, and the seller emails back the fake documents
  • Fake negative COVID-19 test results on sale from various sellers from just £18
  • Darknet advertisements for COVID-19 vaccines have increased by over 300% in past three months
  • Multiple vaccine variants for sale: AstraZeneca, Sputnik, SINOPHARM and Johnson & Johnson, with prices ranging between £360 and £700 per dose

As of March 2021 less than 1% of the world’s population have had a vaccine and we know there are many political, trade and supply issues holding up the rollout. If you are a wealthy person in a country making very little progress with vaccines you may well be tempted to look for other routes to vaccinate you and your family. This logic is behind a surge in demand by those not happy to wait in what feels like a very very long line. This demand has fuelled an explosion in marketing and advertising on the Dark Web. Check Point found ‘hundreds’ of Dark Web advertisements in January. Their latest research identified over 1200 of them.

An example of what the offer looks like can be seen below

The vaccine itself is one growth area, but equally strong is demand for fake documents which ‘prove’ you have had the vaccine or a negative test result even when you haven’t.  These documents are becoming a new currency for people to be able to board a plane, attend business or sporting functions – or even go to a bar or restaurant.

Non-COVID-19 activities

Criminal activities which are thriving on the Dark Web include trading details for:

  • Fake passports
  • Drugs, narcotics and poisons
  • Stolen/hacked accounts e.g. Netflix, Uber
  • Explosives/armaments/uranium
  • Human trafficking
  • Even contract killers!

There is a lot of political intrigue and conversations relating to Russia, China, North Korea, Israel and Donald Trump on the Dark Web.  It also used by whistleblowers, activists and journalists who may be censored and wish to avoid retaliation.  WikiLeaks has its home on the Dark Web.

Summary

The Dark Web is a marketplace for criminal activity.

In all the articles we run describing phishing email scams, like those recently from fraudsters claiming to be from Royal Mail, HMRC or Amazon Prime, the data which is captured when you click a fake URL or fill in a fake form or talk to a scammer pretending to be a customer service agent, is packaged up and sold on the Dark Web. It’s like a chef going to the market looking for ingredients for today’s special, but in this case one specialist scammer might be looking for PayPal account details or another might want driving licence numbers. It is a marketplace and so things have a value (like the end of day oil price or the FTSE100).

Credit card numbers, banking details and PayPal logins are incredibly useful for criminals. Currently, PayPal logins are worth approximately £300 with banking details being traded for approximately £161.

 

IPS Summary

Whilst we want all our IPS members to enjoy the benefits of the internet, please take heed each time you fill in an online form.  Your email address is the key to the kingdom if it can be compromised with a password.

  • Be cautious when typing in personal details to sites you have never visited or checked up on before.
  • Keep reading our newsletters and visiting our website to be up to date with the latest scams.
  • Consider a password manager to protect your passwords.
  • Turn on Two Factor Authentication (2FA)  wherever you see it – as it makes it much harder for your data to be used against you.

You can check if your email has been used recently by becoming an IPS member and using the free Data Breach Lookup Tool.

Have your say

As an IPS member, you can leave us your thoughts, comments and experiences in the commments section below

Leave a Reply

You must be logged in to post a comment.