Over the past few years the role the Dark Web plays in your business and personal lives has evolved, probably without you even realising it. The Dark Web is used by hackers and people with malicious intent to either buy, sell or openly exchange your hacked credentials.
So what do I mean by “your credentials”? The easiest way to explain this is any system that you use online that requires a username and password, from simple systems such as your email (personal or work) to more worrying systems such as your online banking or accounting systems.
I know the Dark Web can seem like a very confusing place, especially if you don’t fully understand the complexities of it, and therefore would be unaware of the potential risks to yourself and to your business.
We here are geekingITsimple are running an information campaign on the Dark Web to raise awareness of it with our customers, and with the wider business community. If you are unsure of what the Dark Web is, please carry on reading, I promise you it will only take a few more minutes of your time, and the results will make you safer.
So I have touched on how your usernames and passwords are sold and exchanged on the Dark Web for malicious reasons, but how do they get them in the first place? I am sure you have all seen the hoax emails pretending to be from the HMRC, or your bank asking you to login to view a message or take some immediate action. Sometimes they can be quite realistic can’t they? When and if you fall for them, this is where the hackers get your data. Although the website you are logging into might look genuine, it is not. All of the data you are typing in is going straight to the hackers’ servers.
The other method used by the hackers to gather your data is via brute force. We’ve all seen the data breaches from large organisations on the news, such as British Airways, Facebook and Google. Can you remember the prompt on Facebook about a year ago now asking you to change your password after their hack? All of the usernames and passwords the hackers stolen soon end up on the Dark Web.
So what do the hackers do with these details?
Usually hacking results in financial gain for the hackers, either by selling your details on, or by maliciously using your login details to generate financial gain in some fashion. How many emails have you had from your relatives or friends who are supposedly stuck in a foreign country and have lost their wallet and need a couple of hundred pounds sent over to their bank account?
OK, so there is a risk to my business, what do I need to do?
The answer is very simple and comes in one simple, painless stage. You need to monitor how many of your details are on the Dark Web. How would you currently know if a hacker knew the username and password to your online accountancy package? We offer a Dark Web monitoring service to all of our clients, and to new clients. This simple unobtrusive system requires no more effort from you to setup than just giving us the go ahead. We will then setup the monitoring systems in the background and you will then be instantly alerted as soon as any of your companies credentials are hacked, because let’s face it, it will happen sooner or later. This system will monitor your details 24/7/365.
Do I really need this?
When we speak to new and current clients about this a few seem to think they don’t need the Dark Web Monitoring, usually because they don’t understand how the Dark Web works, or don’t see the value in it.
Let me counter this by giving you a real word demonstration of what happened to a business who wasn’t a client of ours at the time, but now is.
We had a call from an accountant who noticed unusual login activity on their online accounting package. It appeared that one particular staff member was logging in randomly, outside of office hours, usually between 2 and 4AM. After speaking with the staff member it soon became very apparent that the staff member in question had not been logging in during those times.
The accountants then called us and we instantly run a dark web scan on their domain. Within seconds we were able to tell them that not only had this one account been hacked, but also another two within the company. We advised that they instantly reset the passwords on these accounts to stop further access. Further to that we then ran a full complementary audit of all their IT systems and found further security issues which were very quickly rectified and we now look after their systems on a Managed Service contract, and their domain is constantly being monitored 24/7/365 for any further breaches.
The only reason the hacked accounts became noticed was that the accountant was being proactive and monitoring system access, if he hadn’t of been checking this the hackers would have had access to their financial documents until he next reset his password.
How do I get a complimentary scan?
Simple, schedule yourself in with me for a brief discovery call with me below so I can gather all the information I need to run the scan. I will them come back to you with the findings, and if there are any hacked accounts we can work with you to make the necessary changes.