Security · August 25, 2023

How to Stay Safe Despite the Dark Web

When it comes to dark web security tips and protecting your identity, just assume that all your personal information is available somewhere on the web, says David Myroup, senior vice president of enterprise fraud at First Citizens.

It's an unfortunate reality given the amount of electronic data we provide nearly every day, combined with a growing number of data breaches occurring around the world. Total fraud and identity theft cases have nearly tripled over the past decade, according to the nonprofit National Council on Identity Theft Protection—rising to more than 1.4 million a year by 2022.

Dark web security tips to protect your finances

Once cybercriminals get your data, they often make it available for sale on the dark web—a portion of the internet that's not accessible from ordinary browsers. According to a recent report in the online cybersecurity magazine Dark Reading, about 6.7 billion unique sets of usernames and passwords are available on the dark web, and the overall number of username and password combinations for sale has increased by 65% since 2020.

The information scammers collect from the dark web is often incomplete, but the availability of so much of it is partly what's led to an increase in the number of scams and their effectiveness.

"It's not that all your personal information—your full name, your Social Security number, your address—is available in one spot, but there's means for the bad actors to take bits and pieces of it and create a full picture," Myroup explains. "Then they try to convince you through conversations or emails that you need to provide the balance of the information for whatever reason."

"There's no limit to the damage that can be done with this information," he adds. "It could impact your life savings or could even lead to someone taking over the deed on your mortgage."

Graph of Cybercrime Complaints and Losses showing $27.6 billion in total losses from 2018 through 2022 with info from the Internet Crime Complaint Center

According to a 2022 report from the FBI's Internet Crime Complaint Center (PDF), cybercrime losses grew steadily from 2018 through 2022:

2018: 351,937 complaints with $2.7 billion lost

2019: 467,361 complaints with $3.5 billion lost

2020: 791,790 complaints with $4.2 billion lost

2021: 847,376 complaints with $6.9 billion lost

2022: 800,944 complaints with $10.3 billion lost

Total: 3.26 million complaints with $27.6 billion lost

Protect yourself with these dark web security tips

Typically, if your credit card number gets stolen, the issuing company will offer fraud protection. This means you're not responsible for the charges someone else makes. The card is canceled and you're issued a new one—an inconvenience for sure, but not severely damaging.

But with the information on the dark web, scammers have the opportunity to get into bank accounts, impact your credit score by opening false lines of credit and more.

So what can you do to protect yourself? Myroup offers five dark web security tips.

1Freeze your credit

People generally think about a credit freeze as something to do if their information has been stolen, but Myroup says doing it before you have a problem can be a preventive measure. If your credit is frozen, no one can apply for credit in your name. It's a fairly simple process of reaching out to the major credit bureaus, and it won't cost you any money or negatively impact your credit score. The downside is that if you decide to get a mortgage or a new credit card, you'll have to unfreeze your credit before you can apply.

2Embrace two-factor authentication

Many mobile apps and online sites use two-factor authentication, or 2FA, to increase security. This means when you log in, the app or site will reach out to you via another method to make sure it's you—often with a text message to a phone number you've provided. Myroup recommends using 2FA on sites where it's available.

Biometrics, such as requiring a fingerprint or facial recognition, are also taking hold and helping security. A scammer may have your login and password information for a company, but hopefully they don't also have your actual cell phone or your fingerprints.

3Designate unique emails and credit cards for online use

Myroup says having a separate email that you only use to register for online sites can help keep your primary email address safe to use for your financial institution's login. Similarly, if you have multiple credit cards, choose one to associate with online accounts with retailers, saving others for more critical transactions like paying utility bills or buying gas.

4Use caution with your bank account

It may be surprising, but one of the most dangerous ways to pay for something is by check, Myroup says. This is because checks typically have your full name and address on them, as well as the account number and routing information. He says scammers have gotten more organized about stealing mail, looking particularly for checks. Businesses may be able to talk to their financial institution about additional security measures if they write a lot of checks, but sometimes those measures aren't in place for personal accounts.

Wire transfers can be a safe way to pay for things online, but Myroup cautions people to be careful with the directions for a wire transfer. If a wire transfer is requested of you via email, call a trusted telephone number for the payee's institution to check the legitimacy of the wiring instructions before sending any cash. Make sure to validate the account ownership name for the account number provided.

5Help those who are most vulnerable

It's not just adults who can have their data compromised. Children may not yet have bank accounts, but they do have birthdays and Social Security numbers and an increasing number of them are online—especially in the tween and teen years. Kids' information is also often on paper forms, whether for school or medical use, putting them at risk for identity theft.

If you're responsible for an aging parent, you'll also need to be alert because older adults are often the top targets of scammers.

Helpline resources if you've fallen victim to a scam

If you've fallen victim to a scam or are concerned your financial information may have been compromised, here are some resources to contact:

First Citizens Fraud Central: 866-567-7760

Federal Internet Crime Complaint Center: www.ic3.gov

Federal Trade Commission: 877-FTC-HELP, 877-ID-THEFT or reportfraud.ftc.gov

Be proactive and react swiftly

Myroup says good cyber hygiene is a smart practice. Change your passwords often, and use a password manager if you tend to forget passwords or don't know how to create strong options. Check links you receive in emails before opening them or providing sensitive information. For example, your bank will almost certainly never ask you to email your account information and will never ask you to share passwords or a one-time passcode.

Several services, including the major credit bureaus, offer to scan the dark web to see if your information is there. Myroup says there's some value in this because it may give you a general idea of how at risk you are, but it may not give you a complete picture. For example, the scan won't indicate that someone truly has access to your accounts.

Ultimately, you may not be able to prevent your information from being compromised, but being proactive can help make it harder for thieves to use compromised information to get access to your most sensitive financial information.

"Understanding what options are available to provide you the most security, and gravitating toward those options, is always the recommendation and the best practice," Myroup says.

Insights

A few financial insights for your life

Security

Can You Spot the 10 Most Common Financial Scams?

When it comes to modern financial scams, awareness and vigilance are key to prevention.
Criminals are adopting increasingly sophisticated tactics, using spoofing technology and leveraging exposed personal data to make their attempts seem legitimate.
Security

Tips to Protect Parents From Fraud

The risk of financial scams is on the rise, but there are steps you can take to help keep your parents' assets safe.
Elderly people are particularly impacted by fraud because they don't have the time to make up for losses that younger generations do.
Security

Protecting Yourself From Investment Scams

Investment fraud has become the costliest form of fraud in America. Find out how to protect yourself.
Approximately one in 10 investors will fall victim to investment fraud at some point in their lives, according to researchers at the University of Pennsylvania's Wharton School.

This material is for informational purposes only and is not intended to be an offer, specific investment strategy, recommendation or solicitation to purchase or sell any security or insurance product, and should not be construed as legal, tax or accounting advice. Please consult with your legal or tax advisor regarding the particular facts and circumstances of your situation prior to making any financial decision. While we believe that the information presented is from reliable sources, we do not represent, warrant or guarantee that it is accurate or complete.

Third parties mentioned are not affiliated with First-Citizens Bank & Trust Company.

Links to third-party websites may have a privacy policy different from First Citizens Bank and may provide less security than this website. First Citizens Bank and its affiliates are not responsible for the products, services and content on any third-party website.

First Citizens Bank is a Member FDIC and an Equal Housing Lender icon: sys-ehl.

NMLSR ID 503941