Why Dark Web Monitoring is Smart for Your Small Business

Learn what Dark Web monitoring for business can do, what it can’t do, and how to keep your data off the Dark Web to begin with.

The information a hacker needs to access your company’s IT network – including your financial accounts and those of your customers – could very likely be for sale on the Dark Web right now. Here’s how to find out whether that’s happening, and what you should do about it. 

Let’s start by de-mystifying “the Dark Web.”

What is the Dark Web?

The Dark Web is a sublayer of the internet that isn’t visible to standard web browsers such as Google and Bing. Cyber criminals use the Dark Web to sell stolen data, including credentials (such as user IDs and passwords) that unlock your business’s IT network and financial accounts.

The anonymous nature of the Dark Web makes a magnet for illegal activity. But it’s used for legal activities, too. You can find chatrooms, games, email, Facebook-like social media platforms, and other places where you may legitimately wish to keep your identity private.

Journalists, law enforcement officials, and others use the Dark Web to protect sources and exchange sensitive information securely.

However, far more of the Dark Web consists of sites devoted to crime, including data theft aimed at company IT networks. Typical Dark Web hubs of criminal activity include:

  • Hacker community forums and chatrooms where cyber thieves trade tools and methods used to steal data, and to report software vulnerabilities.
  • Data auction sites.
  • Peer-to-peer file sharing programs or networks for exchanging stolen data.
  • Command-and-control servers that harvest data through malware and botnets.

Read VPNoverview’s report on typical Dark Web data theft sites if you want insights into what the standard cost for specific compromised data is worth, such as:

  • Full identities
  • PayPal transfers
  • Bank cards
  • Stock tips 

What Makes the Dark Web “Dark?”

Unlike the regular web, a.k.a. The “surface web,” Dark Web isn’t indexed by standard search engines such as Google.

Every machine that accesses the surface web has a unique IP (Internet Protocol) address that’s registered to a specific user and kept in a central index that’s something like an immense phone book.

For example, let’s say you use your PC to enter “Minneapolis plumbers” into Google. That search is routed through a number of web servers to return a list of local plumbers to your PC.

Anyone with the basic know-how to track your search could do it easily, and see the IP addresses of your machine and all the web servers that routed your search.

On the Dark Web, however, the users – and the servers that host a universe of encrypted networks – are anonymous. The Dark Web can still be searched, but the search can’t be tracked easily, if at all. 

Also, Dark Web users generally use cryptocurrency like Bitcoin for purchases, which can make these transactions difficult or impossible to trace.

What Type of Company Data Can Wind Up on the Dark Web?

The most potentially damaging types of data that may be harvested from your company for sale on the Dark Web include:

Online account credentials

Online account credentials, including the user ID and password for email, banking, and third-party services such as PayPal, DropBox, Mailchimp, etc.

Network credentials

Network credentials (e.g., user ID and password for your business’s IT network access) including administrative accounts that really give hackers the keys to your kingdom.

Customer data

Customer data including credit card, bank account and routing numbers, identity (e.g., name, address, phone, social security number, social media accounts, etc.), and more.

Employee data

Employee data such as your HR records, 401(k) and bank account information, and everything listed above under “customer data.”

Proprietary information

Proprietary information your company’s competitors or other bad actors might profit from by copying or compromising your products/services.


Vulnerabilities that hackers have already discovered in your IT network but may not have exploited yet.

What’s the Most Common Way for Criminals to Harvest the Type of Company Data That is Sold on the Dark Web?

Any type of data breach can result in your firm’s data landing on the Dark Web, including those caused by:

  • Outdated and/or unpatched software
  • Malware (often installed via phishing emails)
  • Insider fraud
  • Loss or theft of a company device
  • Human error, including weak passwords
Common ways your data can be breached on the dark web

One of the most common ways your data can be breached is when employees login to third-party providers. 

For example, when your employees use their work email on websites like those shown below, they’re at risk of having these emails and passwords exposed in a data breach, or actually used to create a data breach. (This list was compiled by ID Agent. More about them below.)

9 Ways Your Employees’ Work Credentials Can Lead to a Breach

HR and Payroll: ADP, Paychex, Ceridian  

Email Services: Microsoft Office 365, Yahoo!, Mail  

Customer Relationship Management (CRM): Salesforce, HubSpot, Zoho  

Travel Services: Expedia, Travelocity, Orbitz, Fastbook  

Communications: Verizon, AT&T, Adobe, T-Mobile  

E-Commerce: Amazon, Staples, Office Depot, eBay  

Banking and Finance: Intuit QuickBooks, Freshdesk, Bank of America  

Collaboration: Dropbox, Box, Citrix  

Social Media: Facebook, LinkedIn, Twitter, Instagram

What is Dark Web Monitoring?

Can you monitor the Dark Web’s stolen data markets yourself for data tied to your firm? Our cybersecurity experts do not recommend doing it yourself. The hacker communities know how to detect amateur detectives, and how to make them pay an even higher price for poking around. 

Instead, work with a firm that specializes in Dark Web monitoring for SMBs, such as ID Agent.

ID Agent can do an initial Dark Web search for data from your company (e.g., compromised company email addresses and passwords), and then update you whenever new comprises are detected.

If you use an IT managed services firm, such as Teal, that firm can handle the Dark Web reports from providers like ID Agent for you, and alert you when necessary.

Can you get Your Company’s Data off the Dark Web?

Can you get Your Company’s Data off the Dark Web?

Chances are, if you find your company’s data in one place on the Dark Web, it’s been shared and stored on multiple servers. Dark Web monitoring tools can’t remove your data from the Dark Web – they can only tell you it’s there.

Still, Dark Web monitoring for your business is a useful tool. Based on the type and location of your data that’s found on the Dark Web, you can get valuable clues about how it got there. That can be a strong wake-up call about how to prevent further breaches.

Human error is the most common cause of data breaches. Hackers often succeed only because employees don’t follow basic cyber hygiene. So, here’s what you need to do to make it more difficult for the bad guys to target your business:

3 Ways to Keep Your Data off the Dark Web

1. Regular cybersecurity training 

This should include phishing training, because phishing and other email compromise attacks are the most prominent method for cyber thieves to sidestep your firewall and other network protections.

To be effective, cybersecurity training needs to be provided more than once per year.

2. Use a password manager

Weak passwords — especially those that employees use on multiple sites like the third-party sites shown above — are among the most common data for sale on the Dark Web. Use a password manager such as LastPass to create strong, unique passwords for every site. (Learn more about password security.)

3. Enable two-factor authentication (2FA)

2FA adds a second layer of security to passwords, to make it more difficult for attackers to gain access to a network or a device. For example, in addition to entering a password on a laptop, a user is required to enter a code that is texted to the user’s cell phone, or provided by an app. 

Teal cybersecurity and compliance expert, Justin Weeks, recommends that your small business also has these 7 other cybersecurity measures in place.

Get a Sophisticated Cybersecurity Assessment

Beyond these three cyber hygiene practices, you should have your complete IT system reviewed by cybersecurity professionals with experience serving small to mid-sized companies.

System-level protections, such as antivirus/malware installation, firewalls, and VPNs, should be handled professionally and updated regularly.

Human error and hackers can still circumvent these protections – even at the biggest and best-protected companies. But the key is to make it harder for the bad guys to do their dirty work, so they just move along to easier prey.

Latest Teal News

Subscribe to Our Newsletter

Join Teal Exclusive now to be notified of the latest news, tech tips, and more.

Recent Articles
Don’t Stop Here

More To Explore

Remote Work

Solving Common Remote Work Security Challenges

Organizations face increasing threats from phishing scams, the use of insecure passwords, and the complexity of managing personal devices. Tackling these issues head-on is essential