A Look Into the Deep, Dark Web

As we continue on with the IRS Tax Security Awareness Week, today we are going to provide an overview of what the Dark Web is and how it is being used. The Dark Web is where the majority of personal information is being obtained, purchased, and sold. The internet has three “types” of websites known as the Surface Web, Deep Web, and Dark Web. Each type is described below.

Surface Web: Is the place that most people are used to and go majority of the time when on the internet. This is accessible via normal browsers that you’re used to such as Explorer, Firefox, and Chrome. And they’re the normal websites we all go to such as Google, Yahoo, and Facebook, to name a few. It’s been part of the worldwide web since the first browser was introduced in 1990 and it’s the thing most people are familiar with. Anything you can discover through your Internet browser using any of the main search engines is what you get access to. This is where you read about the news, buy something on Amazon, or visit any of your daily sites. It’s also an area of the web that’s under constant surveillance by governments across the world.

Deep Web: These are private databases that require a specific password, encrypted browser, or a set of log-in details. Examples of website on the Deep Web is online banking, employers that have HR sites available to employees, medical facilities that now enable patients to access their information online. Therefore, all of our medical records, financial records, social media files, and plenty of other information we want to and need to keep secure is housed on the Deep Web. A good example is when you have to either generate a PIN number or have memorable information to enter across bank accounts often online. This information is stored in the Deep Web, and you have to use details like passwords and those kinds of things to allow you special access.

Dark Web: This is part of the Deep Web. But its major difference is that it has been intentionally hidden, anonymous, and is inaccessible to normal web browsers. The Dark web is only accessible via special software. The technology to create the Dark Web was initially created and is still funded by the U.S. military researchers since the mid-1990s. And the reason was, to allow spies and intelligence agencies to anonymously send and receive messages. However, you can’t hide messages if there’s nothing to hide them behind. Therefore, if more people have access to send anonymous messages, it’s harder to find — for counterintelligence agencies to discover these messages. So the government opened up the Dark Web to allow others to use it so they could send messages back and forth that they didn’t want governments or other people to know.

As a result of users now being able to access the internet anonymously, criminals and those performing illegal acts have also begun using the Dark Web. In essence, in the age of technology, the Dark Web has become the next “street corner” for illegal acts and as we will focus on cyber-thieves obtaining access to our personal information such as Name, Address, Social Security Number, Credit Card Numbers, Bank Accounts, and the many other data breaches that have become a common occurrence.

Remember the old phrase of “dumpster diving”? This is essentially now being done virtually online. At one point in time, thieves would go through dumpsters of business and people looking for trash that wasn’t shredded and contained personal information. Or the thieves would physically break-in to businesses to steal information, computers, etc. Now, this can and is being done all online in the Dark Web.

Now that we know about the Dark Web, when online, we should always be aware that there are cyber-thieves everywhere just waiting for us to slip up and provide personal information on a website that we think is safe. Therefore, we should take extra measures to protect our personal information. Some of the recommended actions are:

  1. Protect your computer by always having security software and firewall installed.
  2. Encrypt files that are stored on your computer. This is generally done by requiring a password in order to open the files.
  3. We recommend using a password that is a minimum of 12 characters.
  4. When on a website, always make sure in the URL, the “http” includes an “s”, so it should be “https”. The “s” identities the website as secure.
  5. Learn to recognize and avoid scams. As we noted yesterday, the most common method for cyber-thieves to obtain your personal information is simply by asking for it and this is happening through email.

A good tip is to treat all your personal information like we treat cash. So just as we take steps to protect our cash and not leave it laying out for anyone to take, we should use these same actions to protect our personal information.

A complete IRS webinar discussing the Dark Web is available at https://www.irsvideos.gov/Webinars/UnderstandingBasicsDarkWeb

Additional information can be found on the IRS website at https://www.irs.gov/newsroom/national-tax-security-awareness-week-2018