Posted by Amanda at Varay on Oct 13, 2020 11:00:00 AM

We’re not quite sure what’s scarier: actual spiders or the spider-like criminals hanging out on the dark web. 

If you’re unfamiliar with the dark web, it’s a place where cyber-savvy criminals buy, sell, and trade compromised credentials and other stolen digital assets. Most often, a victim of compromised credentials won’t know they’ve been a target until after their personal identification information has already been stolen and posted on the dark web. 

If your credentials have been compromised, never fear; Varay is here! Not only would we help you squish a spider, but we also have many services like dark web scanning that help us detect and alert you to the presence of your compromised credentials on the dark web. 

And today, we’re here to answer the frequently asked question, What do I do if my information is on the dark web? 

Three steps to take when your information is on the dark web

Spider in a spider web on a black background.

First, let’s start with how your compromised credentials arrived on the dark web. Typically, stolen information results from compromised (i.e. stolen) log-in credentials. When your login credentials (either for company accounts, email information, etc.) are compromised, it’s very possible that your personal identifiable information has been stolen and released. Basically, they become a shopping cart item on the Dark Amazon, or what we call the dark web. When your credentials have been compromised in this way, it's a red flag that your identity could be stolen, but not necessarily a sign that it has been yet. 

If that’s where you are, here’s what do to: 

Step #1: Change your password 

Change your company login password as soon as you discover your compromised credentials. This will serve to protect your colleagues and employer from additional attacks. Next, you also need to go to the website where your identity was compromised and change the password there. This is where a tool like dark web scanning comes in handy to let you know what’s been stolen and where it may have been stolen from. 

Step #2: Get a password manager

To prevent further thefts, install a password manager like V-Docs, Varay’s premier password management service, or Lastpass that allows you to create complex passwords that you can easily access (and easily change) with just a few clicks. 

Step #3: Protect your password

Set up strict password practices that protect your password in the future. For example, don’t write your password down; use your password manager instead. Don’t share your passwords, either. Though it might be an inconvenience to your coworkers that you refuse to share your password, even for simple sites, the inconvenience it avoids, in the long run, is much greater. 

If you or someone you know has been the victim of compromised credentials via the dark web, our team is standing by to help you through the recovery process. Contact Varay for more insights on what to do! 

Want to see a video of a hacker using a phishing attack to hack a Microsoft 365 account?

Topics: identity theft, cybersecurity, training, office to home, disaster recovery & business continuity