What is a Dark Web Monitoring Notification?
Dark Web Monitoring, also known as cyber monitoring, is a service that helps monitor for information on the dark web and notifies you if we detect your personal information on the dark web. Identity thieves can sell your personal information on hard-to-find dark web sites and forums.
The notification that you receive is called a Dark Web Monitoring Notification.
What is a Baseline Notification?
When you enroll, we run a one-time historical dark web scan looking back to 2008 to determine if the information you provided us has been previously exposed. If we find exposed information, we notify you. This is known as a Historical or Baseline Notification.
Why am I getting notification from a breach that happened several months ago?
The dark web is where stolen information, such as bank account numbers, and credit card numbers, are sold. The information sold or traded can be in the form of “lists” which can be old, and could even re-appear several months, or years following an exposure of the information. Every time the information reappears or resurfaces on the dark web, you are likely to be notified.
“Exposed” information does not necessarily mean that your account(s) have been hacked. Given that these lists may be old, it is entirely possible that your login details associated with the website/service in question are no longer current. You may have already changed a password, deactivated your account or unsubscribed from the website or service. Sometimes breached sites deactivate exposed accounts, as well, which may make it difficult to remember or identify an account as belonging to you.
Why can’t I respond to the Dark Web Monitoring Notification to confirm my identity?
For some alerts, we ask you for a confirmation of the activity or transaction so we can determine if there might have been the possibility of an identity theft incident.
For other notifications, such as Dark Web Monitoring, we are notifying you that information which may belong to you has been detected. These notifications do not require confirmation from you because it is a result of a scan we perform on your behalf, and not a result of your activity.
I don’t recognize the website mentioned in my Dark Web Monitoring Notification. How do I know I have used this before?
There could be several reasons why you may not recognize the website mentioned in a notification. For example, the account may have been created via Facebook or Google log in. Some accounts may be old, and you may not remember having used the website or service. In some instances, you may have provided login details (username/password) for a one-time use, after which you may have never went back to the website or account again. Sometimes breached sites or services may deactivate exposed accounts which can make it difficult to remember or identify an account as belonging to you.
What is the difference between the Exposed Information and the Additional Exposed Information sections within the Dark Web Monitoring Notification?
Your Dark Web Monitoring Notification displays two types of exposed information. When you enroll you provide us information and we monitor it actively. If we detect this information on the Dark Web, it will be displayed in the Exposed Information section of the Dark Web Monitoring Notification.
If we detect other exposed information that may be related to you, we will notify you on this as well. Even if you did not provide the specific information to us, it is possible to use the information you have provided to help detect other information that may have been exposed; but since we have not collected this information from you, we can only notify you that it has been exposed, and not provide any other details. For example, in the case of a healthcare database breach, if you have provided your Insurance Account and Insurance Provider information for monitoring, we may also be able to notify you of additional data that may have been exposed, such as blood type, prescription medications, diagnoses, and related details. This type of information would be displayed in the Additional Exposed Information section of the Dark Web Monitoring Notification.
How accurate are the notifications from Dark Web Monitoring?
Using advanced technology, we uncover fresh data to provide you with useful and informative notifications.
How often are the scans of the dark web performed? How current is the data that is found?
With our ongoing algorithms, we notify you when we find information that may belong to you on the dark web.
How do I place a fraud alert on my credit file, if I’m a victim of fraud?
Applicable only for US and Canada.
If you are a victim of fraud, you can request a fraud alert to be placed on your credit file by contacting the two nationwide credit bureaus listed below (fees may apply). This warns potential credit grantors that the individual’s personal identification may have been compromised and directs them to take further precautions to verify the identity of the person seeking credit. It is at the discretion of the credit grantor’s authentication protocol processes as to what steps they will take. The fraud alert stays on your credit file for a period of six years and can be removed by you at any time in writing.
- Equifax: 1-800-465-7166
- TransUnion: 1-800-663-9980 (for residents of Quebec: 1-877-713-3393)
What should you do?
Based on what was found in your notification, use the list below for next steps. We will continue to monitor our network¹ for activity. If we detect your information, we will send another email.
Username
If you received a Dark Web Notification and it included your Username, here are some next steps to help protect yourself:
- Consider changing your Username if you have the option. The same Username may have been exposed multiple times in the past.
- Consider changing your passwords linked to that Username.
Password
If you received a Dark Web Notification and it included your Password, here are some next steps to help protect yourself:
- Change your password.
- If you use this password for other websites or app, then change it for those services too.
- Set up two-factor authentication whenever available with a website.
Emails can be used for phishing schemes that criminals use to try to get your information.
If you received a Dark Web Notification and it included your Email, here are some next steps to help protect yourself:
- If you are using this email as a login/username, consider changing this for better protection.
- We recommend that you never give any personal or sensitive information over email.
Date of Birth
Your Date of Birth along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Date of Birth, here are some next steps to help protect yourself:
- Review your financial statements and watch for any transactions you don’t recognize.
- Remove mail from your mailbox right away. If you’ll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
- Opt for paperless delivery whenever possible and practical.
- Consider setting up a locked mailbox to decrease the risk of stolen mail.
Mother’s Maiden Name
Your Mother’s Maiden Name along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Mother’s Maiden Name, here are some next steps to help protect yourself:
- Review your financial statements and watch for any transactions you don’t recognize.
- Remove mail from your mailbox right away. If you’ll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
- Opt for paperless delivery whenever possible and practical.
- Consider setting up a locked mailbox to decrease the risk of stolen mail.
Driver’s License
Your Driver’s License Number along with other personal identifiable information can be used by identity thieves to commit fraudulent activities.
If you received a Dark Web Notification and it included your Driver’s License, here are some next steps to help protect yourself:
- Review your financial statements and watch for any transactions you don’t recognize.
- Remove mail from your mailbox right away. If you’ll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
- Opt for paperless delivery whenever possible and practical.
- Consider setting up a locked mailbox to decrease the risk of stolen mail.
Bank Account
If you received a Dark Web Notification and it included your Bank Account, here are some next steps to help protect yourself:
- Review bank statements for accuracy.
- Never disclose a debit or credit card PIN (personal identification number) in email or on the phone.
- Be suspicious of strangers who ask for personal information by email or phone.
- If you’re asked to provide your Social Security number or other confidential information, make sure you know who wants the information and why.
- Be wary of email attachments and “free” software.
- Don’t use part of your Social Security number as a PIN.
- Think before you download apps, click on links or reply to emails that might be harmful or fraudulent.
- Keep your laptop or mobile device’s operating system and Internet browser up to date.
- Don’t store passwords, your Social Security or other sensitive information on your smartphone.
- Be aware of your surroundings when you bank online and watch out for “shoulder surfers,” people who hover nearby and observe your information without your knowledge.
Passport Number
Your Passport Number along with other personal identifiable information can be used by identity thieves to commit fraudulent activities.
If you received a Dark Web Notification and it included your Passport, here are some next steps to help protect yourself:
- Contact your local passport office to file a complaint
- Apply for a replacement passport
Name
Your Name and Address along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Name, here are some next steps to help protect yourself:
- Review your financial statements and watch for any transactions you don’t recognize.
- Remove mail from your mailbox right away. If you’ll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
- Opt for paperless delivery whenever possible and practical.
- Consider setting up a locked mailbox to decrease the risk of stolen mail.
Address
Your Name and Address along with other personal identifiable information can be used by identity thieves to hack into accounts and commit fraudulent activities.
If you received a Dark Web Notification and it included your Address, here are some next steps to help protect yourself:
- Review your financial statements and watch for any transactions you don’t recognize.
- Remove mail from your mailbox right away. If you’ll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
- Opt for paperless delivery whenever possible and practical.
- Consider setting up a locked mailbox to decrease the risk of stolen mail.
Phone Number
Phone numbers can be used for phishing schemes that criminals use to try to get your information to commit fraudulent activities.
If you received a Dark Web Notification and it included your Phone Number, here are some next steps to help protect yourself:
- Never give any personal or bank information over the phone unless you are certain of the caller.
- If you start receiving suspicious calls, contact your telephone service provider to see if it is possible to block calls from those numbers.
- Register your phone number on the national Do Not Call Registry at www.DoNotCall.gov, or by calling 1-888-382-1222 (TTY: 1-866-290-4236) from the number you wish to register. If you register online, you must click on the confirmation email you receive to complete your free registration.
Insurance Information
Identity thieves can you use any of your insurance information to submit false claims which can be for, but not limited to medical, car, life, home or pet.
If you received a Dark Web Notification and it included any of your insurance information including but not limited to policy numbers, medical information, or insurance providers, here are some next steps to help protect yourself:
- Carefully review any insurance bills and claims.
- Be on the lookout for:
- Medical or other insurance collection notices on your credit report that you don’t recognize
- A notice from your health plan saying you reached your benefit limit
- A denial of insurance because of past claims or medical records for a condition you don’t have
Other tips:
- Remove mail from your mailbox right away. If you’ll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
- Opt for paperless delivery whenever possible and practical.
Consider setting up a locked mailbox to decrease the risk of stolen mail.
Gamertag
If you received a Dark Web Notification and it included your Gamertag, here are some next steps to help protect yourself:
- Change your password with all gaming platforms in which you use Gamertag
- Enable two-factor authentication with the gaming platforms
- Change your email password associated with the Gamertag
- Use a different password and Gamertag for each gaming platform
Social Security Number
and other personally identifiable information can be used by criminals who break into your account and commit fraud. If you receive a dark web notification and the notification including your “My Number”, we recommend the following steps: Please contact the person’s number or my number window. The person in charge may suspend the issued number. It will also tell you the additional steps you need to take.
If you lose your Individual Number Card, please report it to the police.
Keep your computer and mobile device operating system and internet browser up-to-date. Please use antivirus software.
Credit Card
If you received a Dark Web Notification and it included your Credit Card, here are some next steps to help protect yourself:
- Contact your credit or debit card company for a replacement card and monitor your activity closely.
- Report any suspicious activity to your financial institution immediately.
- We recommend using the Transaction Monitoring service from LifeLock.
CVV
If you received a Dark Web Notification and it included your Credit Card CVV, here are some next steps to help protect yourself:
- Contact your credit or debit card company for a replacement card and monitor your activity closely.
- Report any suspicious activity to your financial institution immediately.
- We recommend using the Transaction Monitoring service from LifeLock.
Password Combo List
- If member receives a Dark Web Notification and it included your password exposed in a combo list, a collection of email addresses and passwords from breached websites, here are some next steps to help protect yourself:
- Change the exposed password on all sites where you might have used it
- Choose a unique strong password on all sites where you might have used it. Its recommended to not employ the same password each time
- Review your credit reports and watch for new credit inquiry alerts or suspicious activity. Consider freezing your credit file
- Set up two-factor authentication whenever available for website.
The exposed password included in the Dark Web Notification has been masked/hidden for security purposes. Follow the below steps to partially see the exposed password.
- Click the link that is provided in the alert notification
- Member will receive a 6-digit verification code to the exposed email displayed in the notification
- If you do not receive your verification code, please check your spam or junk folders for an email coming from [email protected]
- As there may be a delay, please check your folders again in 5 minutes, or check back again later. If you still do not receive your code, please contact your Internet Service Provider to resolve this issue.
- Please do not send multiple requests as it will make the condition only worse
- Enter the 6-digit code received
- Due to security purposes, we do not display your entire password. Once we verify that the email address listed belongs to you, your password will be partially unmasked and displayed.
- Note that the password may not be your most recent, but one you have used in the past.
- Members password is partially unmasked as per the rules below:
- Unfortunately, if the member no longer has access to that email, they will be unable to verify and see the details.
- Member can change, update or enter a different email address to receive the 6-digit verification code
- Member might have entered the 6-digit code incorrectly.
- Have member try the 6-digit code again
- Error still appears then the 6-digit code has expired
- Have member request a new verification code email
No one can prevent all identity theft.
¹LifeLock does not monitor all transactions at all businesses.
²Dark Web Monitoring in Norton 360 plans defaults to monitor your email address only. Please login to the portal to review if you can add additional information for monitoring purposes.
§For NortonLifeLock offerings provided to you by a Service Provider or through channels outside the United States, the LifeLock identity theft protection services and coverage, plan feature names and functionality might differ from the services offered directly by NortonLifeLock. Please contact your Service Provider for details on their NortonLifeLock plan offerings.
Source : Official Norton Brand
Editor by : BEST Antivirus KBS Team