Would you know if your details were for sale and available for cyber criminals to purchase?
Over 20% of organisations have staff who have had credentials stolen. And 81% of all company data breaches occurred due to poor passwords or stolen information.
Stark statistics, and a growing threat to businesses worldwide.
If you’ve not heard of the Dark Web before, the Dark Web is a part of the internet that isn’t indexed by search engines and is a hot bed of criminal activity.
Stolen credentials are available to purchase on the Dark Web for a surprisingly small amount of money from cyber criminals. Information like usernames and passwords for accessing systems, credit/debit card data and even files stolen from your own network!
Forewarned is forearmed and knowing what passwords, data and account details have been posted on the Dark Web will allow you to be proactive in increasing your internal security and preventing a data breach.
Our Stolen Credential Monitoring service searches over 200 sites on the Dark Web to check for mentions of your organisation including your domain, email, company name etc.
If your information is found online we will notify you and provide you advice on the next steps to mitigate the risks this leaked data poses to your business.
We can provide this as a one-off exercise or, more advisable, a regular subscription service such as monthly scans. This service allows us to regularly check what data is available on the Dark Web, meaning you can remediate potential threats before an attack occurs.
As part of our scanning service, we monitor many platforms and forums including hidden chat rooms, IRC (Internet Relay Chat) channels, Social Media platforms, 640,000+ botnets, Dark Web auction sites and more.
Data is regularly extracted from people by activities such as phishing, where cyber criminals pretend to be legitimate organisations and trick users into disclosing details. Another method used to steal data is injecting malware into legitimate social networks to capture credentials or even installing malware on an employee’s machine to harvest details!
It’s not just your details that could be compromised. Think about it. What details do you hold for others?
Do you hold information on behalf of your clients which, if compromised, could be detrimental to both your clients and your own business’s finances and reputation?
We recently performed Stolen Credential Monitoring for two Teesside business, Middlesbrough-based brand agency The Creative Alchemist and Stockton-based PR, marketing and design agency, Resolution.
Managing their clients’ marketing communications both on and offline, as well as their own, it’s an imperative that they do all they can to protect this information.
The Creative Alchemist’s Managing Director, Lisa Holt said: “It was frightening to think that our information might have been for sale on the Dark Web. We are always very careful with our data, so we were reassured by the scan results.”
Managing Director of Resolution, Sharon Starkey, said “It is a great housekeeping exercise to carry out. It has given me comfort that the scan has been performed and action has been taken to remove unused accounts and update passwords too. It is something that I will be repeating company wide. It’s a no brainer.”
As well as using a service like our Stolen Credential Monitoring, we also advise that you always implement multifactor authentication, where available. We also recommend that you do not reuse passwords and, when staff leave ensure that their passwords are changed or lock-out their accounts immediately.
Please get in touch to arrange your scan or to find out more information on this or any of our other services.