Dark Web Monitoring

With our dark web monitoring service we will provide you with a complimentary Dark Web Scan

• Find out if your company’s digital credentials are for sale on the dark web.
• Detect Compromised Credentials Used to Exploit Employees and Customers

To help keep your critical business assets safe from the compromises that lead to breach and theft, we are offering a complimentary, one-time scan with Dark Web ID™ Credential Monitoring. Our Dark Web ID Credential Monitoring detects compromised credentials in real-time on the Dark Web and notifies you immediately when these critical assets are compromised before they can be used for identity theft, data breaches, or other crime. Digital credentials such as usernames and passwords connect you and your employees to critical business applications, as well as online services. Unfortunately, criminals know this — and that’s why digital credentials are among the most valuable assets found on the Dark Web.

Far too often, companies that have had their credentials compromised and sold on the Dark Web don’t know it until they have been informed by law enforcement — but by then, it’s too late. According to the National Institute of Standards and Technology (NIST), small and medium-sized businesses may have more to lose than larger organisations, because cybersecurity events can be costly and threaten their survival.

What comes with the Dark Web Monitoring service?

We Monitor the following areas every day every night of the year:

• Hidden chat rooms
• Private websites
• Peer-to-peer networks
• IRC (internet relay chat) channels
• Social media platforms
• Black market sites
• 640,000 + botnets

How does it works?

Dark web monitoring protects your Business

• We Identify Compromises Throughout Your Organisation
• We provide you with a written report on your compromised emails.
• We Prepare The more information you collect, the more valuable it becomes.
• We Predict:  It’s not enough to simply be ready, you need to be ahead.
• We Prevent:  Attacks on networks may be inevitable, but they don’t have to be destructive.

Dark web monitoring protects your Business

• It Delivers the same advanced credential monitoring capabilities used by Fortune 500 companies to companies of your size.
• It Connects to multiple Dark Web services including Tor, I2P and Freenet, to search for compromised credentials, without requiring you to connect any of your software or hardware to these high-risk services directly.
• Proactive solution provides real-time awareness of compromised credentials before identity theft or data breaches occur.

Why It’s Important to have dark web monitoring

• Compromised credentials are used to conduct further criminal activity, such as data breaches of sensitive corporate information, as well as identity theft of individual employees.
• Users often have the same password for multiple services, such as network logon, social media, online stores and other services, exponentially increasing the potential damage from a single compromised username and password.
• Today, you have limited visibility into when your credentials are stolen; over 75% compromised credentials are reported to the victim organisation by a third party, such as law enforcement.

How much is the service?

Request a dark web monitoring Search of your Company

Cybersecurity doesn’t have to be too overwhelming, expensive or complicated. The first step to protecting your business is understanding your risk.

Your questions answered

Typically, the data which is found means that an employee or someone who used a corporate email address, used this email as a user login on a third-party website, that website got breached and sold off or passed over to some unground websites. The logins and passwords of that website are now compromised. So ultimately what is compromised is their work email along with a password. Although most web services require two-factor authentication or 2FA, the strength and security vary.

• Easy for hackers to bypass weaker implementation by intercepting codes or exploiting account recovery systems.
• Most of the problems centre around the fact that if you break through anything next to the 2FA login, (account-recovery process, trusted devices, or underlying carrier account) hackers are into the system anyway.
• The weakest point for 2FA is the wireless carrier (who can be breached) and the mobile device (which can be hacked).

The report provides historical as well as live real-time data. At one point in time, there was risk associated with these credentials and there could still be. 39%
of adults in the U.S. are using the same or very similar passwords for multiple online sources. These passwords (whether active or not) are being used in phishing exercises and can be very compelling. An email address that is either not a valid email within the business, or a “fake email” (ie: [email protected]) may be a signal that the cyber handler/criminal is attempting a phishing attack on the business. This is absolutely a reason for concern, as it makes it clear there has been an active attempt at attack!

Email addresses discovered in the wild may not have ever existed on the businesses mail server. Let’s say that these email addresses were used to create accounts on some other service and it’s that other service that is breached and the source of the Compromises. From our perspective, we can’t determine if the email addresses we find in the wild are actual email addresses and therefore we report them.
Notes or comments regarding the credential or credential owner may also appear in our findings. For example, we’ve seen phone number and gender in the password field. While such a finding may not contain a password, the presence of personal information in the record is still a valid finding.

How much does it cost?

* The minimum subscription is one year and payment to be made by monthly Direct Debit.