CyberHygiene™ FAQ

Q: What is the Dark Web?

A: The Dark web is a vast sub-layer of the internet that is inaccessible by the common browsers and allows anonymity that promotes illegal activities like trading in stolen data. It is continually growing and so is the scope and extent of bad things that are happening there. Put simply, it is the “playground” of cybercriminals.

Q: How are stolen data exposed and used sold on the Dark Web?

A: Cybercriminals acquire stolen data from database breaches of companies which include corporate email addresses, passwords, credit card number and other sensitive Personally Identifiable Information (PII) of individuals that belong to other companies, hence why these are called 3rd party breaches. The data are then brought to the dark web marketplace where they are sold in bulk to bad actors who proceed to use this data to impersonate the original owners and commit fraud and other illegal activities.

Q: Is it possible to keep my data out of the Dark Web?

A: While it is possible to take a number of steps to try and keep your corporate data off the Dark Web, unfortunately you cannot be guaranteed that your data will not end up in the dark Web because modern business practices require that you share your PII with other corporate entities and in most cases when your data is stolen, it happens through 3rd party breaches by incidents at other companies that have your data in their databases. We recommend the following to reduce the chances of your data ending up on the dark web and mitigate the effect if you do:

  • Use Password Manager: These secured apps are designed to “lock” your passwords in a safe place and keep them from being stolen.
  • Multi-Factor Authentication: This is a very valuable way to prevent any stolen Password from being used in isolation and make it difficult for the “bad guys” to function with the credentials they steal. Take advantage of it when dealing with any account that offer it.
  • Strong Password Policy: Put a strong password policy in place and ensure using unique non-corporate password at 3rd party sites.
  • Dark Web Monitoring: Finally and perhaps most importantly, make sure you use a good and reliable dark web monitoring service that will constantly check the dark web for your data and alert you immediately anything is found on you, so that you can take action to prevent your data in the dark web from being used to breach your network.
Q: How does Dark Web monitoring work?

A: has a proprietary and highly sophisticated Artificial Intelligence (AI) engine – CyberRetina™ designed to probe deep into the Dark Web using just your company Domain name to find any information associated with your Domain. Human Intelligence also supplements this AI engine in cases where there is a need for it.

Our CyberRetina™ AI engine only needs your corporate Domain information instead of email addresses, and it prevents our client’s emails from being exposed/confirmed on the dark web.

Q: What do I do when I get an alert from my dark Web monitoring service?

A: When you get an alert from your monitoring service that a new breach was found, it is imperative that you immediately address this by changing the password on the compromised account and / or if possible suspend the account and create a replacement account. CyberHygiene provides you with a list of remediation steps to follow.

Q: Can my information be removed from the Dark Web?

A: Data posted on the Dark Web are traded by cybercriminals and impossible to be removed. The unregulated “jungle” of the Dark Web has no formal or resourceful channel to control any data that makes it there. It is therefore only prudent to know as soon as possible when one’s data gets on the Dark Web so that preemptive action can be taken to mitigate any damages it can be used to perpetrate.