Voice of the Industry

Why fraudsters use the Dark Web and how to stop them cold

Tuesday 25 April 2017 07:28 CET | Editor: Melisande Mual | Voice of the industry

Amador Testa, Emailage: The dark web is a fraud prevention professional’s nightmare

It is a huge challenge we are confronting: a network of anonymous users who leave no trace of their identities, trading stolen personal information for profit. High profile incidents, like the shuttering of Silk Road and the hacking of Ashley Madison, have brought the terms “dark web” and “deep web” into the mainstream. But there’s a lot of confusion around what these terms actually mean.

In my career fighting fraud, especially during my time at Emailage, I have come to learn quite a bit about what the bad guys are up to on this underbelly of the internet. I would like for my fellow fraud prevention professionals to be similarly informed.

Therefore, I will talk more in detail about the differences between the deep web and the dark web, tools fraudsters use to access them, and what you can do to protect your revenue.

Deep web vs. dark web

The Deep Web is internet content that is not indexed by search engines. It is not all sinister, though. The deep web includes work portals, academic databases and private members websites not publicly accessible.

Estimates put the deep web at about 500 times the size of the public web, containing over 500 billion pages of content not indexed by Google. It is difficult to gauge the deep web’s size, because it has been intentionally not indexed for public consumption.

The Dark Web (also known as the Darknet) is a section of the internet that is intentionally hidden and not accessible with normal web browsers. Users can only access the Dark Web using anonymous network technology, such as Tor. Tor, which stands for The Onion Router, routes traffic through distributed servers and virtual tunnels, allowing for an anonymous connection.

The anonymous nature of the dark web allows users to purchase leaked customer data, access drug markets and engage in other illicit activities. On the positive side, the dark web provides a channel to get past repressive internet censorship and acts as a secure communication tool for journalism.

Tools of the dark web trade

To do business on the deep web, users favor anonymous currencies such as Bitcoin, Dash or exchanges like Holy Transaction. These tools allow for anonymous transactions with limited traceability, meaning deep web transactions are not linked to names, addresses or similar identifying characteristics. Buyers and sellers on the deep web are free from any type of banking or government oversight or regulation.

To securely communicate, users employ encrypted email services, messaging apps and forum systems built with privacy in mind. A few of the encrypted messaging apps include Telegram and Signal Messenger, which are built with encryption and security as key features.

How to protect your data from dark web fraudsters

Businesses looking to identify leaked data that is shared on the dark web transactions have some options. Below are a few of my recommendations:

Use Dark Web monitoring: Dark web monitoring companies generally use algorithms scan and crawl marketplaces for stolen data, such as card information. When choosing a solution, be sure to find out how often they update their dark web database.

Employ networked fraud prevention tools: When a fraudster buys leaked data, they will attempt transactions at multiple vendors around the web in a short timeframe. A networked solution can track this velocity and alert you.

Prioritize layered security: Fraudsters may adapt quickly, but they always seek the path of least resistance. A well-tuned risk engine should include multiple levels of protection, plus the scalability to meet the increased threat presented by large-scale data breaches. Even if fraudsters can penetrate a single layer, having multiple controls reduces the chance of them succeeding.

At Emailage, we look for behavior changes around how the email is used in transactions to identify potential account take overs. There are certain signals from our network which can indicate if an email address has been potentially compromised. These signals, along with velocity activity and risk events associated with the email, allow us to pinpoint which transactions should be stopped. This enables our customers to proactively identify and block fraudsters attempting to use freshly bought dark web data without disrupting customer experience.

About Amador Testa

Amador is an industry expert in online fraud, identity theft and cybercrime. Before Emailage, he was the head of fraud for card acquisitions at American Express and later led global fraud prevention divisions at Citigroup. Amador enjoys playing tennis, running marathons and traveling with his family.



About Emailage

As the global hub of email intelligence, the Emailage team has a singular goal: harnessing the power of the email address to help our customers achieve the delicate balance of reducing fraud levels while delivering optimal customer experience. Headquartered in Arizona, USA Emailage also has offices in Brazil and the United Kingdom.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Deep web, dark web, Amador Testa, Emailage, fraud prevention, security, US, Tor, expert opinion
Countries: World