If your personal details are stolen for example, through a service you use being hacked, they can end up on the dark web, where they can be bought and sold by criminals.
There are many ways your data can end up on the dark web. The most common ones include:
1. Your data being involved in the hacking of a company or website
This happens when a service you’ve used which stored your information was hacked and your data was stolen alongside other peoples’. Some notable examples include Adobe, LinkedIn, and MyFitnessPal.
2. Fraudsters having some of your information and guessing other parts (e.g. your password)
This can happen when criminals re-use your password on different sites or test out other plausible passwords through trial and error.
3. Phishing
You might have opened an email that appeared to be from a trusted company, and then shared personal details on request. These emails - known as phishing emails - often ask you to reset your password or hand over other private information, like credit card details. Always be wary of this, and don’t reply or click on a link in an email if you’re suspicious. For tips on how to spot a phishing email, read our article.
4. Cold calling and ‘vishing’
This is when you’re misled into sharing personal data over the phone. A fraudster will call you pretending to be from an organisation and encourage you to share private details. Never share your login details or other personal information over the phone without proof that who you’re speaking to is really who they claim to be.
You should always find the number of the organisation calling you independently, and call them back. You could find this on their website or on the back of your credit/debit card.