Dark Web Monitoring is one of the most ubiquitous features for an identity theft service, and for good reason. While it’s not the biggest threat out there, it’s pretty high on the scale of insidious internet threats you need to protect yourself from.
Just so everything is clear, let’s quickly go over what exactly Dark Web Monitoring entails.
What Exactly is Dark Web Monitoring?
Most of what an identity theft protection service does is monitor various types of identity theft you have and how it’s being used. You give them a certain subset of information, including your name, address, social security number, and depending on the thoroughness of the service, more specific information like your bank account info, credit cards, social media accounts, and so on.
Dark Web Monitoring doesn’t help monitor the what, but the where and who. A lot of those bits of information are likely to turn up in a variety of places for a large number of reasons. Whether it be by a data breach on a site that leaks your login info for an account, or some data collection service that sells your info “legitimately”, which is common on social media.
|Tip!Always remember the adage: “If a service doesn’t require payment, it usually means YOU are the product.”|
Dark Web Monitoring looks for your information on various dark web sites, usually auction sites. Bad actors will look for your information as it may be available from some places due to those aforementioned data breaches and the like, or find a way to get it from you in other ways, and auction it off on hard to find websites.
A data breach alert from one of these identity monitoring services isn’t necessarily something to be super concerned about. There are steps you can take to protect yourself afterwards. But a dark web alert would be something more serious, and usually indicative of a data breach alert that was extremely serious (such as the huge Equifax breach from a few years back), or left to fester for too long without being addressed.
Read More: What To Do In Case Of A Data Breach.
So Who Has the Best Dark Web Monitoring?
Having looked in depth at the three major identity protection services on the market (Norton’s LifeLock, Identity Guard, and Experian’s Identity Works), they all offer Dark Web Monitoring services.
There is a bit of nuance to each option, but of the three of them I’d say Identity Guard has a bit of an edge over the other two.
LifeLock’s is by far the worst, in part because it doesn’t monitor as much information. It keeps an eye on up to 10 bank accounts, and 10 credit cards, that’s it. While those are highly important, it’s really not the whole story when it comes to Dark Web Monitoring.
Experian is in much the same boat, monitoring pretty much the same info.
Identity Guard, however, uses its Dark Web Monitoring to keep track of ALL the information you give it. This includes bank account and credit card numbers, but also usernames, passwords, and logins for all sorts of sites that match existing information you give them (based on historically used usernames, email used to sign up, and information like security question answers).
Why is this important? For a number of reasons, but the biggest one is that information can then be used later to GET your bank account or credit card information.
If your username and password info is leaked and purchased for a random site, let’s say something like Facebook, then that information is in someone’s database. Chances are, you use that username, password, or both for a different site. Using the same password, or some variant, everywhere is unsafe, but a common choice to make for a lot of people. It makes things easier, and not everyone has access to a password manager (though some of these services, including Norton’s LifeLock family plan, do provide password management services).
That information may float out there for weeks, months, even years before coming back to bite you. Somebody sees your username on a site that has some kind of store. Let’s say you use the same username for both Reddit and Steam.
If you also use the same password, now that person can break into your account (particularly if you haven’t set up two-factor authorization, which everyone should) and get access to your credit card information.
From there, things get worse. Best case scenario, they use your credit card info to make some unauthorized purchases. In a worse case scenario, they parlay that into even more information, like your full bank account info, if you used a debit card, for example.
Now you’ve gone from having an inconvenience (being locked out of an account) to a disaster (having your credit ruined and savings stolen).
Identity Guard is the only three of these services I’ve used which has thrown up alerts of this nature, despite each of the three options nominally having access to all of the same information that it should be monitoring.
As a result, if you’re concerned about your information being available on the dark web, Identity Guard provides the widest range of monitored information, and so is going to be your best, if not only bet for wide spectrum protection in this regard.
In addition, it also provides a quite thorough questionnaire about your browsing and social media habits, wifi usage and security, and all sorts of other targeted questions that culminates in the service providing you a Risk Management Score that grades you on how safe you are on the internet, either via avoidance (not exposing yourself to a ton of risk) or mitigation (minimizing the chance that any leaked info will hurt you).
This can help you tweak your habits, helping you to help yourself outside of what the service itself provides, which is an excellent thing to see in a service. A protection service should teach people how to keep themselves safe, and act as a safety net, rather than lulling people into a false sense of security.
Last Updated on