The dark web is a part of the Internet that is not indexed by regular search engines and can only be accessed using specialized software. Because the dark web is far more private than the surface Internet, it is attractive to cybercriminals, who use it to share and sell stolen information.
In the event of a data breach, your credentials on a dark web marketplace or forum will be terminated. But how do you know if your email address has been leaked? And what steps can you take to protect yourself?
How to find out if your email address is on the dark web
Browsing the dark web to find out if your email has been leaked is not an option – a thorough investigation would require countless hours and tremendous effort, but would most likely yield no results. Still, there are other things you can do to check if your email account has been compromised. There are three ways.
1. Pay attention to suspicious activity
Suspicious and unusual activity is a reliable sign that your email account has been hacked. For example, if you notice that your recovery email address or phone number has changed, it is highly likely that your account has been compromised. Obviously, being unable to log into your account due to a password change is another clear sign of a breach, just like unknown messages in your outbox and sent folders.
2. Check if I’ve been caught
Have I Been Pwned is a website that you can use to check if there has been a breach with your data. The tool, which is free, scans the web for database dumps and collects information. To check if your email or password has been hacked, all you have to do is type them in—if you’re “caught,” you’ll know exactly when and how.
3. Invest in a Dark Web Monitoring Service
The best and costliest option is to invest in dark web monitoring. Many cyber security firms and anti-malware providers offer such services. Simply, they scan the darknet for your information. This is not limited to email addresses, but also includes phone and bank account numbers, identity information, medical records, and more.
What to do if your email has been leaked on the dark web
What can you do if you have your email address and password set up on the dark web? Is it possible to erase all traces of it? Unfortunately, the answer is no. But you are not helpless.
If, say, your email credentials were for sale on a Surface Web forum, you could also contact the forum’s hosting provider or law enforcement, but that would be useless on the dark web. The dark web is decentralized, lawless, and anarchic. There is no authority you can appeal to, and it will be nearly impossible to establish who hacked your account, and who is selling it access to the dark web.
But if your email is found on the dark web, and if it has been or is being used by unauthorized third parties, you can try to minimize the damage. In that case here are five steps you can take.
1. Change your password
The first thing you should do is change your password. Make sure you create a strong and unbreakable password that you won’t forget; One that contains capital letters, numbers, and special characters. Do this for all of your accounts, not just the one that has been leaked to the dark web.
2. Enable Two-Factor Authentication
Two-factor authentication (2FA) requires additional proof of identity on top of a password. Securing your email account with 2FA is a great and convenient way to create an extra layer of security and make sure others can’t access your account.
3. Run Your Antivirus Software
There is always the possibility that your credentials have been stolen through phishing or a malware attack, so you should run your own anti-malware software if your credentials are leaked on the dark web. If you can’t afford to install a powerful antivirus suite on all of your devices, don’t panic, as there are many great tools out there that do the job for free.
4. Check Your Bank Account
The main objective of most cyber attacks is monetary gain. There is a high probability that your email address is associated in some way with a financial service or two. Check your online banking account and contact your bank to see if anyone accessed it and look for unauthorized transactions.
5. Notify your contacts
When cyber criminals hack an email account, they sometimes use it to send phishing emails and deploy malware. Even if you manage to take back control of your email quickly, some damage may have already been done. In any event, you should tell your family, friends and co-workers what happened.