Dark web, cybersecurity, digital footprint, cybercrime, threat intelligence
April 2, 2025
The Dark Web Explained: How It Works and Why It Is So Dangerous
While most people access the internet through common web browsers like Google Chrome, Safari, and Edge, there are deeper layers of the internet that are not accessible to the average user: the Dark Web, or Dark Net.
It is a collection of websites, forums, and marketplaces that can only be accessed with the Tor browser. This special browser provides users with a high degree of anonymity, which is particularly attractive to cybercriminals, hackers, and government officials who want to hide their identity. The Tor browser is currently available only for Windows, Mac, Android, and Linux. Once you are connected, you gain access to Dark Net websites known as "Tor hidden services." Instead of ending in ".com" or ".org," addresses on the Dark Web end with ".onion." Many insiders talk about the Dark Web in cryptic terms to instill fear. However, it is not just a space for criminals. Yet to understand the Dark Net, we must first deal with the different layers of the internet.
The Layers of the Internet – What Is the Surface Web?
The internet consists of several layers: visible (surface), deep (deep), and dark (dark). Most people only interact with the visible or Surface Web. Through search engines, you can access nearly two billion public websites - from Wikipedia to public sector websites and news sites. However, this is just the tip of the iceberg: the Surface Web makes up only 10% of the entire internet - most of the web pages remain hidden from the average user.
Why is this the case? Because not all information you can access online belongs to the public domain. So if we only see 10% of what is actually on the internet, where is the rest?
Dark Web Vs. Deep Web: What Is the Difference?
The vast majority of digital content in the world is not accessible through search engines. This colossal amount of information is located in the Deep Web (or Hidden Web), where nearly all online activities take place. Even if you don’t use the term Deep Web daily - or at all - it is, however, more a part of your life than you realize:
You use the Deep Web as part of your daily routine every time you log into your email account, check your online banking information, or use social media.
The Deep Web contains information for which access typically requires a username and password, primarily for security and privacy reasons. The entities of the Deep Web include:
Databases
Social media apps
Online banking
Email
Intranets
Forums
Content protected by a paywall
Many activities in the Deep Web involve personal data, such as medical and legal documents, financial records, academic research, intellectual property, confidential business information, and much more.
However, the Deep Web is not the same as the Dark Web, a term you have likely heard before. The Dark Web is another part of the internet that is not comparable to the Deep Web. Let’s take a look at the reasons for its negative reputation. To do this, we must first address the Digital Footprint.
What Is a Digital Footprint?
"A digital footprint is a term that describes the recorded - and thus traceable - internet or device activities of a particular person." – So defined the Malwarebytes glossary succinctly. Let us elaborate on this definition: Simply put, a digital footprint is your trail of data on the internet. Almost every action you take online, whether visiting a website, signing up for a newsletter, or searching for a product, leaves a trail of data. Anyone with access to a search engine or advanced software like a skip tracing tool can view your activities, behavior, preferences, opinions, and much more based on your data trail.
The critical point is: A digital footprint never completely disappears, even if a website, a host, or a social media platform deletes part of your digital footprint at your request. There is always the risk that someone has documented this information. Therefore, you should be very careful with the content you publish on the internet.
Negative Real-World Effects Possible
Your digital footprint can have significant effects on your public image, even if the data is decades old - the internet forgets nothing. For example, a controversial opinion expressed years ago in a public forum can have repercussions in the present, even if your views have evolved in the meantime. Old photos or videos also pose a significant risk in this regard. You can quickly lose track of your digital footprint if you maximize your passive and active digital footprints. The internet is growing rapidly, and there is plenty of storage space for your data.
And this data is extensively used: According to Monster, 77% of employers Google applicants. But not only employers check your digital footprint. Governments, security companies, police departments, and others may examine it before issuing, for example, certificates, visas, or citizenships. No special skills or tools are required for this. Anyone who has access to a device and a search program can look up a digital footprint. In the digital age, therefore, it is an easily accessible source of information.
Abuse of Your Digital Footprint
The information you leave on the web can be misused by malicious actors in various ways for criminal purposes. For instance, they can use your data to learn more about you and launch a spear-phishing attack. This is a highly personalized phishing attack that misleads you into thinking it is legitimate due to the use of detailed personal information.
Another type of attack is called doxing, in which hackers deliberately compile and publish personal information. Whether residential addresses, personal phone numbers, account or credit card information – doxing causes significant harm. The background is often a personal conflict or a culture war with the aim of harming the victim both in the online world and in real life.
A particularly insidious form of personal data abuse is known as swatting. Here, personal information of the victim is used to trigger a police and emergency response to their home address, e.g., because of an alleged hostage situation. This type of bullying has already resulted in fatalities when people were shot by responding officers, whom they perceived as potential kidnappers, burglars, etc.
The list of abuse possibilities could go on indefinitely. Importantly, it is essential to understand that not only individuals but also companies, marketers, platforms, and websites can exploit your data, for example, to serve you personalized advertisements. Therefore, the consequences of data misuse may not always be immediately apparent or as severe as described in the examples above.
How to Check Your Digital Footprint
There are numerous ways to check your digital footprint:
Search engines: Check the search results for your name in a search engine. Use your first and last name, variations of your first and last name, online handles (usernames/pseudonyms), and nicknames. In some cases, your unique, long-standing online pseudonym may be more revealing than your actual name.
Image search: Use a search engine to look for search results related to your name and online handles, as described above. However, do not search for text; look for images and videos instead.
Check your posts on social media: Enter your social media handle (pseudonym) followed by the name of a social media platform in a search engine. You should now see a list of your popular posts on social media. Alternatively, you can visit your social media page and scroll through your list of posts. To find specific posts on social media, search with your social media handle, the name of the social media platform, and the keywords you may have used in the sought-after post.
Use aggregator websites: An aggregator website compiles data from across the internet and makes it easily accessible. If you want to check your digital footprint, such a website can provide useful services.
Google Alerts: Setting up Google Alerts is an excellent way to track your name on the internet.
What Kind of Products Do Cybercriminals Sell on the Dark Web?
Cybercriminals and other malicious actors exploit the opportunities of the Dark Web in numerous ways for illegal purposes. The hotspots for illegal activities on the Dark Web are marketplaces and forums where participants trade illegal products and services.
Illegal products offered by criminals on these black markets include stolen and counterfeit data of various kinds, such as:
Personal data: This includes full names, residential addresses, phone numbers, dates of birth, social security numbers, hacked email addresses, and many other details that can identify you as a person.
Financial data: Stolen credit card data, online banking usernames and passwords, credentials for cryptocurrency accounts, bank and insurance data, and much more.
Login credentials for online accounts: Typically, these are username-password combinations that allow access to accounts ranging from social media to ride-sharing and video streaming services to paid professional services. Even logins for genetic testing providers are in demand.
Medical data: This includes your medical history, prescriptions, biometric data (including fingerprints and images of your face), test results, billing data, and other sensitive details. In the wrong hands, this can lead to (medical) identity theft.
Confidential business data: This includes classified information such as intellectual property, patents, competitive information, and other operational details.
Counterfeit data: Especially fake passports, stolen driver’s licenses and ID cards, bank checks, and more.
Other Illegal Dark Web Marketplaces
In addition to personal information obtained from data breaches and various other types of cyberattacks and online fraud, these black markets also offer illegal drugs, access to new cyber threats and viruses, and even hitmen.
The most notorious of all Dark Web marketplaces was Silk Road, which had over 100,000 buyers at its peak. Founded in 2011 by Ross Ulbricht, the website became the most popular black market, particularly for drug dealers. The FBI shut down Silk Road in 2013, but version 2.0 briefly came back online before law enforcement finally took it down. Ross Ulbricht was sentenced to life in prison twice, along with three other convictions. The US government seized bitcoins worth over 1 billion dollars during the operation and in the following ten years.
Apart from the possibility of making a lot of money on these Dark Web marketplaces, people also visit the Dark Web for other reasons. This part of the internet also harbors vast amounts of child pornography, with some websites reaching tens or hundreds of thousands of users. As a hub for criminal activities, the Dark Web offers more than just "products" for anyone who wants to buy and consume them. It also provides services that enable cybercriminals to carry out attacks with little technical knowledge or experience.
What Types of Services Does the Dark Web Offer for Cybercriminals?
Even if personal data seems priceless to you, cybercriminals trade personal data on the Dark Web black markets for a few dollars. Data for credit cards with a balance of up to $1,000 costs an average of $150, while stolen online banking login credentials (for an account with a balance of at least $100) can be had for only $40. Harder-to-obtain goods, such as a French passport, can cost up to $4,000.
Dark Web marketplaces even have rating and review systems so potential buyers can identify "trusted" sellers. With all these features and the allure of wealth through cybercrime, it’s no wonder these black markets are seeing a significant increase in offerings according to the Dark Web Price Index.
Moreover, cybercriminals do not only buy and sell personal data and compromised accounts but also other goods like:
Off-the-shelf software exploits (exploit kits): Tools that cybercriminals use to attack vulnerabilities in systems so they can subsequently spread malware.
Ready-to-use malicious software (malware): Ransomware, information stealers, keyloggers (that record every keystroke on a device), spyware, adware, rootkits (which are notoriously difficult to detect and stop), trojans, and worms (with self-replicating abilities).
Malware-as-a-Service: A subscription-based model in which the software and hardware needed by cybercriminals to carry out attacks is rented. This includes the malicious software, a distribution network, a range of targets, and even technical support, as well as a personal dashboard to manage the project.
Software vulnerabilities: Cybercriminals can exploit these without the knowledge of the software manufacturer (known as zero-days) to sneak into companies incognito.
Access to networks of compromised devices (botnets): The computer resources that malicious hackers need to carry out their attacks.
Distributed Denial of Service (DDoS): Offers that utilize extensive botnets to overwhelm the victim's systems with so much traffic that they go offline along with the services they offer.
Training for cybercriminals: Tutorials, guides, and other types of content support the further education of cybercriminals in various roles.
Money laundering (money muling): Enables fraudsters to spread the money they steal, extort, or otherwise obtain from their victims and convert it into clean, untraceable cash.
That’s Why You Shouldn’t Move in the Dark Web
If you operate in the Dark Web, you are taking a significant risk, not just when you engage in illegal activities there. In this part of the internet, there are no security precautions that you are used to from the World Wide Web, such as built-in protection against malicious websites in your web browser. Both Chrome and Firefox, for example, warn against dangerous websites that steal data through phishing attacks. This does not happen in the Tor browser.
Therefore, there is always a risk that you could infect your devices with malware, ransomware, or trojan viruses if you are not protected by a specialized cybersecurity system. Moreover, there is a risk of getting involved in illegal activities or unwittingly becoming an accomplice in a crime, thus becoming a target of law enforcement.
Conclusion
It is important for several reasons to understand the footprint of your business, as well as your own, in the Dark Net. First, it helps identify potential security vulnerabilities and threats, allowing for proactive measures to mitigate risks. Secondly, it provides insights into leaked sensitive information such as customer data or protected assets, thus enabling damage control and compliance with regulations.
Furthermore, monitoring your footprint aids tracking illegal activities related to your brand, thus protecting your reputation and integrity. In summary, knowing your Dark Net presence enables businesses to strengthen their defense, protect valuable assets, and maintain integrity in an increasingly interconnected digital landscape, ultimately ensuring sustainable resilience and success in the face of evolving cyber threats.
