Shocking self-test: User data check on the darknet - how you protect yourself

We wanted to find out if our private data found its way into darknet databases. Expectations were low, but unfortunately we still found it. Hackers and fraudsters had a correct combination of email and password at their disposal. This is how you protect yourself and your account.



After recently writing a guide to the darknet, the deep web and Tor, we decided to check whether our private user data might also be traded on the darknet. To do this, we used Norton and LifeLock's Dark Web Monitoring Tool, which monitors many different types of personal data. When we entered two email addresses, a phone number and an address into the system, we didn't really expect to find anything. But we were proven wrong.


The tool spat out a warning message with the "Password Combo List - Dark Web" as the source. And in fact, we were shown a password that is generally quite old but still used on some websites. Combined with the email, it would allow scammers to impersonate our editor and chat on his behalf. For other people affected, this email password combination could even open the door to providers such as Amazon, eBay and travel booking portals. But how is this even possible? How do bank accounts, credit cards, driver's licenses, insurance, phone numbers, addresses, emails, passwords and numerous other personal data get on the darknet? And what can be done about it?

How the data ends up on the darknet

Of course, there are countless different ways for others to get your data. In general, however, these can be narrowed down to two types:

Variant 1: Phishing

First, there's the possibility that you'll "voluntarily" hand your data to scammers and darknet traders. All it takes is a fake email and a careless user. For example, if "Amazon" asks you by email to confirm your identity using your login details, you should be suspicious of the email, because fraudsters often use fake login forms to get their victims' data. The insidious part: such forms then actually forward you to the real Amazon homepage. So you don't even notice that your data has been stolen, and scammers can grab your savings without hassle.

Links in e-mails should be seen as a potential danger. Apart from fake login forms, they can also serve as a source of malware and viruses. As a result, you should never click on email links if you are not sure who sent you the email. The same applies to links in forums and on all other sites.

Variant 2: Vulnerabilities

Android and Windows users often receive updates. After the installation, however, you are often disappointed because it was again just a security patch with no additional features. But it's these patches that stand between your user data and the darknet. This is because hackers can exploit vulnerabilities in programs to obtain private information.

Another way to lose the "rights" to your own data is through major data breaches. In recent years, we have reported countless data leaks at providers such as Facebook and Adobe – and even medical records have been and are stored on unprotected servers. Once, millions of credit card, ID card and account details were revealed. But as our experience shows, such reports seem to interest very few people. And this is probably partly due to the fact that it is not immediately clear what fraudsters can do with a combination of email and password alone.

Even login data from a forum is dangerous

Many users use the same email address and password on many different websites. Even if the darknet data comes from a forum for cuckoo clock lovers, it could also fit the Amazon account. And of course the fraudsters or the darknet buyers of such data sets know this. That's why they often test the combination on numerous popular sites such as Facebook, eBay or Notebooksbilliger. And if the login succeeds even once, this would inevitably have a negative impact on your account balance. This is exactly why you should take the time when registering to come up with a password with numbers, lowercase letters, uppercase letters and special characters. Because "123456", the most popular password in this country, is not much of an obstacle.

Moreover, when attackers get the password to your email account, they often don't even need any of your other passwords. They can simply use password recovery to lock you out of your own accounts.
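The reuse and password-recovery risk described above can be measured on your own accounts. The following is an added example, not part of the original article: it takes a password-manager export and one leaked email/password combination and lists which accounts the combination opens directly and which become reachable through password recovery. The `Account` record, the SHA-256 representation of the leaked password and all sample entries are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Account:
    site: str
    email: str
    password: str
    is_mailbox: bool = False  # True if this account is the inbox for `email`

def digest(password: str) -> str:
    # Assumed format: the leaked password is handled as a SHA-256 hex digest
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def reuse_groups(vault):
    """Return groups of sites (2 or more) that share one password."""
    groups = {}
    for acct in vault:
        groups.setdefault(digest(acct.password), []).append(acct.site)
    return sorted(sorted(sites) for sites in groups.values() if len(sites) > 1)

def blast_radius(vault, leaked_email, leaked_digest):
    """Accounts opened by the leaked combo, plus those exposed via reset mails."""
    email = leaked_email.strip().lower()
    direct = [a for a in vault
              if a.email.lower() == email and digest(a.password) == leaked_digest]
    # If the mailbox itself accepts the leaked combo, every account registered
    # with that address can be taken over through password recovery.
    mailbox_hit = any(a.is_mailbox for a in direct)
    via_reset = [a for a in vault
                 if mailbox_hit and a.email.lower() == email and a not in direct]
    return {"direct": sorted(a.site for a in direct),
            "via_reset": sorted(a.site for a in via_reset)}

# Constructed sample data: every site, address and password here is made up.
VAULT = [
    Account("clock-forum.example", "editor@mail.example", "Kuckuck2015"),
    Account("shop.example", "editor@mail.example", "Kuckuck2015"),
    Account("mail.example", "editor@mail.example", "Kuckuck2015", is_mailbox=True),
    Account("bank.example", "editor@mail.example", "x9#Lq!v2Tz@0"),
    Account("travel.example", "other@mail.example", "Kuckuck2015"),
]
LEAK = ("editor@mail.example", digest("Kuckuck2015"))

if __name__ == "__main__":
    print("shared passwords:", reuse_groups(VAULT))
    print("blast radius:", blast_radius(VAULT, *LEAK))
```

In the sample, the bank account has a strong, unique password and still appears under `via_reset`, because the mailbox that receives its recovery mails shares the leaked password.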

Am I also affected?

The monitoring tool from Norton and LifeLock that we used searches the dark web for the registered user data and reports all finds automatically. Unfortunately, the software is not free of charge. The Federal Office for Information Security (BSI) also offered its own service, which was based on a data set provided by law enforcement authorities. Today, however, this data set is out of date and the service is offline. As a replacement, the BSI names four tools that check at least e-mail addresses. We tested all four tools with our flagged email address, and in fact the Hasso Plattner Institute service also found it. However, it only stated that the password had been disclosed; the service did not reveal what the password was. The other three tools, on the other hand, informed us that the e-mail address was secure.

Among the services recommended by the BSI:
