Cookies on BBB.org

We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Manage Cookies
Latest News

Should You Sign Up for Dark Web Monitoring?

You may have seen an ad or received an email that offers dark web monitoring. The thought of your personal information floating unsecured around the shady corners of the Internet causes fear. Online criminals are real, and they have plenty of places to hide, so should you sign up? Let’s look at what dark web monitoring can do and whether you actually need it.

What is the Dark Web?

Most people only use a couple layers of the Internet. When you click on links on the Internet or browse through the results of a web search, you’re operating on the surface level. Anyone can get to these surface-level pages.

The deep web comes next, and you probably access pages there, too. That’s where you find information that requires a sign-in. If you log into your bank account, email, social media account or messaging platforms, you’re using the deep web. Those pages are only accessible if you have the sign-in info, but it doesn’t typically require special knowledge or equipment to visit them.

Even deeper lies the dark web. You have to use a special web browser to get to pages on the dark web, and when you do, that browser disguises the computer that’s accessing the content. Unlike on the other layers, on the dark web, no one can tell who you are or where you’re coming from.

Why People Use the Dark Web

It isn’t just criminals who use the dark web. If you’re in a country that censors online information or blocks access to political websites or social media pages, you can use the dark web to access pages and content that you otherwise couldn’t see. Law enforcement and national security agents use it to identify potential threats.

However, the anonymity the dark web offers makes it an attractive place for lawbreakers. People sell drugs, stolen identity information and anything else you can imagine. Buyers pay in cryptocurrency, so there’s no way to trace the transaction.

What Dark Web Monitoring Promises

If you sign up for dark web monitoring, several agencies promise “dark web surveillance” that looks through the dark web for your personal information and sends you notifications if it turns up. You tell the service what you want monitored, and its algorithm searches the dark web for information like the following:

  • Social security number
  • Bank account numbers
  • Credit, debit and retail card information
  • Driver’s license and/or passport numbers
  • Other personally identifiable information


What Dark Web Monitoring Can’t Do

Often, people sign up for dark web monitoring because they have misconceptions. First, they get the impression dark web monitoring searches through the whole dark web. It doesn’t.

Second, consumers think dark web monitoring will allow them to remove their personal information if it exists where it shouldn’t. It won’t do that either.

Most of the information on the dark web is locked behind access-restricted doors. Monitoring services may have keys to some of those doors, but not all of them. There are layers within layers, with much of the illegal information exchanged privately. Also, the dark web is vast. The hundreds of thousands of pages those services scan is just the tip of the iceberg.

Also, most of the time once your information is available on the dark web, you can’t remove it. You might be able to call your credit card company and prove you didn’t spend thousands of dollars in Italy because you’re currently in the US or Canada, but there’s no contact information for the cyber-criminal offering your credit card number on the dark web.

How to Protect Yourself Without Dark Web Monitoring

Assume your information is out there and available for bad people who want to do bad things. Over the past several years, the news has reported massive security breaches from credit card companies, government agencies and financial institutions. The dumps included social security numbers and bank accounts for millions of people.

Instead of waiting around for a notification, be proactive by taking the following steps:

  • Use secure passwords – If you use your dog’s name on your email address, bank account, social media pages and work computer, change it. Create a different password for each that has at least 12 characters and a combination of capital and lower case letters, numbers and symbols. Don’t write passwords on a post-it and stick them to your computer. Instead, create a secure file or use a password manager.
  • Check your credit – You’re entitled to a free credit report every year by visiting annualcreditreport.com. Make sure you initiated everything on it. If someone fraudulently uses your information, you can dispute it. You can also freeze your credit, which keeps anyone from opening accounts in your name without your authorization, though you will have to unfreeze it any time you wish to open a new account.
  • Watch your accounts – Don’t just check your balance; look at credit card and bank account activity closely to make sure only authorized users are accessing funds.

If you see something alarming, act quickly. You may not be able to identify the cyber-criminal who stole your information, but you can secure your finances. If the fraud occurs with your credit card, contact your lender, cancel the card and dispute the charges. If the problem is with your driver’s license, contact your local DMV. If your social security number was stolen, notify the Social Security Administration and Internal Revenue Service.

The BBB warns consumers when there’s an illegal scheme or fraud. If you’ve been a victim, help us warn others by visiting the BBB Scam Tracker today.

Thanks to Missy Ticer and BBB serving Central East Texas for contributing to this article.

This article was reviewed and edited by Cobun Zweifel-Keegan, Deputy Director of Privacy Initiatives at BBB National Programs, Inc.