If you’ve received a data breach notice from a company, you’re definitely not alone. According to a survey from US News, nearly half (44%) of respondents reported being notified multiple times about different breaches involving their personal data. So if you’ve felt like there seems to be another data breach at a familiar company every other day, you’re right.
Unfortunately, the information stolen in a data breach often ends up on the dark web, where it becomes a target for hackers, scammers, and other digital criminals. Data breaches aren’t the only way your information can fall into a criminal’s hands. If you’ve ever clicked on a phishing link, entered personal information on a social media survey, or if your device has been infected with malware, you may have given up personal data that will be posted or sold on dark web forums.
I recently discussed this with Dr. Darren Williams, the founder and CEO of BlackFog, a company specializing in data privacy and ransomware protection. He said that even though some of your data is lost to the dark web, that doesn’t mean you should give up on everything. You can protect your other personal information by making a few changes to your online interactions and by installing a few security tools on your devices.
Below are tips for minimizing your online footprint, courtesy of Dr. Williams, along with my suggestions for tools that can help prevent fallout from future data breaches.
1. Understand How Your Data Is Used
Dr. Williams told me that first, it’s important to understand how criminals use the information they find or buy on the dark web. Williams has spent a lot of time researching how criminals use stolen personal information to pull off account takeovers, identity theft, and scams. He told me that these days, AI tools take much of the work out of cybercrime.
“Two years ago, these criminals were doing the ‘pray and spray’ approach. They would get anyone they can,” he said. “Now, you can buy whole groups of this information and use it for social engineering.”
Here’s how it works: An AI chatbot scans breach documents from the dark web and puts together information packages called “fullz.” These contain data like your banking credentials, medical records, name, physical address, phone number, and social security number. Criminals use the dossiers to pretend to be a family member, friend, or romantic partner in a romance scam or financial baiting situation.
Williams said that personally targeted scams are rare partly because cybercriminals are lazy. Instead, they usually use dark web data to target groups of people and lure in many victims as quickly as possible.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
It’s Surprisingly Easy to Be More Secure Online
Now that you know how criminals plan to use your data, you need to find out what information they already have. To do this, you can use a dark web scanning tool from a personal data removal service. Many password managers also include dark web monitoring as part of a paid subscription. This usually involves checking the dark web for mentions of your email addresses, usernames, or passwords.
Our Favorite Password Managers
Unfortunately, removing data once it’s on a dark website is hard. Even if sites get shut down, there’s a good chance the info was saved and will pop up on another dark web forum later.
3. Use a Data Removal Service
The next thing to do is to make yourself an unattractive target for cybercriminals. “It’s like that classic line, right? I only have to outrun you, not the bear.” Williams said. Make yourself harder to catch by removing as much of your personal data from the internet as possible.
Williams said the best way to evade cybercriminals is to share as little information online as possible. That goes for more than hot takes on social media or embarrassing college party pics. It applies to all of your data. Once the info leaves your device, it will likely languish in a database before being sold to a data broker as part of a package. Anyone can buy your personal information from data brokers.
Even experts have trouble removing themselves from data broker sites, so it’s a good idea to give that job to a personal data removal service. While it’s possible to do DIY data cleanup for free, it’s a very time-consuming process because there are hundreds of data broker websites.
The Best Personal Data Removal Services
4. Protect Your Data With Strong Security Software and Practices
While some bad guys will use dark web data to access your online accounts, the worst ones want to access your computer or device because that’s where you keep all your good stuff, like private photos, videos, or financial data. That’s why I recommend checking for and installing security patches for your computers, mobile devices, and any other devices that connect to your home network, such as a smart refrigerator or AI assistant.
Dr. Williams said that while consulting for businesses, he noticed that many people become a weak link in an otherwise secure network for the sake of small conveniences. He explained that he’s encountered people who have disabled their local firewall or antivirus for one reason or another, and then been confused when they learn they inadvertently exposed themselves to cyberattacks.
So, along with keeping the firewall on, here’s a quick list of other cyber hygiene tasks to complete:
-
Secure your online accounts with multi-factor authentication (MFA). This method uses a password (something you know) and a code or message on your phone (something you physically possess) to make it harder for hackers to access your accounts.
-
Create and store strong, unique passwords for your online accounts using a password manager.
-
Install antivirus software on your computer and other devices, and keep it patched and running in the background.
-
Install a VPN on your computer and other devices, and turn it on when using public Wi-Fi.
-
Don’t open links in emails or text messages from people you don’t know.
-
Always install security patches and updates on your devices. This includes smart home devices and alarm systems.
-
Keep your operating systems up to date on all your devices, too. The older an operating system is, the more exploits it has and the less support the developer offers.
-
Invest in identity theft protection software like Editors’ Choice winner Norton 360 With LifeLock, which bundles VPN access with device-level security. Some security suites, like McAfee+, also include identity monitoring.
-
Monitor your credit regularly. Each of the three major credit bureaus, Experian, Equifax, and Transunion, allows you to download free credit reports and will notify you of any changes to your credit report or credit score. Additionally, many of our favorite identity theft protection suites and personal finance apps include credit monitoring with similar real-time alerts, so you can stay informed about any changes and take action in a timely manner.
About Our Expert
Kim Key
Senior Writer, Security
Experience
I review privacy tools like hardware security keys, password managers, private messaging apps, and ad-blocking software. I also report on online scams and offer advice to families and individuals about staying safe on the internet. Before joining PCMag, I wrote about tech and video games for CNN, Fanbyte, Mashable, The New York Times, and TechRadar. I also worked at CNN International, where I did field producing and reporting on sports that are popular with worldwide audiences.
In addition to the categories below, I exclusively cover ad blockers, authenticator apps, hardware security keys, and private messaging apps.
If you’ve received a data breach notice from a company, you’re definitely not alone. According to a survey from US News, nearly half (44%) of respondents reported being notified multiple times about different breaches involving their personal data. So if you’ve felt like there seems to be another data breach at a familiar company every other day, you’re right.
Unfortunately, the information stolen in a data breach often ends up on the dark web, where it becomes a target for hackers, scammers, and other digital criminals. Data breaches aren’t the only way your information can fall into a criminal’s hands. If you’ve ever clicked on a phishing link, entered personal information on a social media survey, or if your device has been infected with malware, you may have given up personal data that will be posted or sold on dark web forums.
I recently discussed this with Dr. Darren Williams, the founder and CEO of BlackFog, a company specializing in data privacy and ransomware protection. He said that even though some of your data is lost to the dark web, that doesn’t mean you should give up on everything. You can protect your other personal information by making a few changes to your online interactions and by installing a few security tools on your devices.
Below are tips for minimizing your online footprint, courtesy of Dr. Williams, along with my suggestions for tools that can help prevent fallout from future data breaches.
1. Understand How Your Data Is Used
Dr. Williams told me that first, it’s important to understand how criminals use the information they find or buy on the dark web. Williams has spent a lot of time researching how criminals use stolen personal information to pull off account takeovers, identity theft, and scams. He told me that these days, AI tools take much of the work out of cybercrime.
“Two years ago, these criminals were doing the ‘pray and spray’ approach. They would get anyone they can,” he said. “Now, you can buy whole groups of this information and use it for social engineering.”
Here’s how it works: An AI chatbot scans breach documents from the dark web and puts together information packages called “fullz.” These contain data like your banking credentials, medical records, name, physical address, phone number, and social security number. Criminals use the dossiers to pretend to be a family member, friend, or romantic partner in a romance scam or financial baiting situation.
Williams said that personally targeted scams are rare partly because cybercriminals are lazy. Instead, they usually use dark web data to target groups of people and lure in many victims as quickly as possible.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
It’s Surprisingly Easy to Be More Secure Online
Now that you know how criminals plan to use your data, you need to find out what information they already have. To do this, you can use a dark web scanning tool from a personal data removal service. Many password managers also include dark web monitoring as part of a paid subscription. This usually involves checking the dark web for mentions of your email addresses, usernames, or passwords.
Our Favorite Password Managers
Unfortunately, removing data once it’s on a dark website is hard. Even if sites get shut down, there’s a good chance the info was saved and will pop up on another dark web forum later.
3. Use a Data Removal Service
The next thing to do is to make yourself an unattractive target for cybercriminals. “It’s like that classic line, right? I only have to outrun you, not the bear.” Williams said. Make yourself harder to catch by removing as much of your personal data from the internet as possible.
Williams said the best way to evade cybercriminals is to share as little information online as possible. That goes for more than hot takes on social media or embarrassing college party pics. It applies to all of your data. Once the info leaves your device, it will likely languish in a database before being sold to a data broker as part of a package. Anyone can buy your personal information from data brokers.
Even experts have trouble removing themselves from data broker sites, so it’s a good idea to give that job to a personal data removal service. While it’s possible to do DIY data cleanup for free, it’s a very time-consuming process because there are hundreds of data broker websites.
The Best Personal Data Removal Services
4. Protect Your Data With Strong Security Software and Practices
While some bad guys will use dark web data to access your online accounts, the worst ones want to access your computer or device because that’s where you keep all your good stuff, like private photos, videos, or financial data. That’s why I recommend checking for and installing security patches for your computers, mobile devices, and any other devices that connect to your home network, such as a smart refrigerator or AI assistant.
Dr. Williams said that while consulting for businesses, he noticed that many people become a weak link in an otherwise secure network for the sake of small conveniences. He explained that he’s encountered people who have disabled their local firewall or antivirus for one reason or another, and then been confused when they learn they inadvertently exposed themselves to cyberattacks.
So, along with keeping the firewall on, here’s a quick list of other cyber hygiene tasks to complete:
-
Secure your online accounts with multi-factor authentication (MFA). This method uses a password (something you know) and a code or message on your phone (something you physically possess) to make it harder for hackers to access your accounts.
-
Create and store strong, unique passwords for your online accounts using a password manager.
-
Install antivirus software on your computer and other devices, and keep it patched and running in the background.
-
Install a VPN on your computer and other devices, and turn it on when using public Wi-Fi.
-
Don’t open links in emails or text messages from people you don’t know.
-
Always install security patches and updates on your devices. This includes smart home devices and alarm systems.
-
Keep your operating systems up to date on all your devices, too. The older an operating system is, the more exploits it has and the less support the developer offers.
-
Invest in identity theft protection software like Editors’ Choice winner Norton 360 With LifeLock, which bundles VPN access with device-level security. Some security suites, like McAfee+, also include identity monitoring.
-
Monitor your credit regularly. Each of the three major credit bureaus, Experian, Equifax, and Transunion, allows you to download free credit reports and will notify you of any changes to your credit report or credit score. Additionally, many of our favorite identity theft protection suites and personal finance apps include credit monitoring with similar real-time alerts, so you can stay informed about any changes and take action in a timely manner.
About Our Expert
Kim Key
Senior Writer, Security
Experience
I review privacy tools like hardware security keys, password managers, private messaging apps, and ad-blocking software. I also report on online scams and offer advice to families and individuals about staying safe on the internet. Before joining PCMag, I wrote about tech and video games for CNN, Fanbyte, Mashable, The New York Times, and TechRadar. I also worked at CNN International, where I did field producing and reporting on sports that are popular with worldwide audiences.
In addition to the categories below, I exclusively cover ad blockers, authenticator apps, hardware security keys, and private messaging apps.
Click Here For The Original Source.
