Dark Web Monitoring – Is It Worth The Cost?

Consumers are coughing up anywhere from $10 to $30 per month for identity theft protection. Credit monitoring companies usually include dark web monitoring to their list of services. But is dark web monitoring really worth its salt? Consumers are under the false assumption that they can rely on these credit monitoring companies to keep them protected. THEY CAN’T!

Results of a recent survey by Consumer Federation of America (CFA)

~ 36% of those who’d seen ads for dark web monitoring incorrectly believed identity theft services can remove their personal info from the dark web.

~ 37% mistakenly believe dark web monitoring services will prevent stolen information, sold on the dark web, from being used.

Dark Web Monitoring

What is the Dark Web?

It is the go-to place on the internet where criminals buy and sell stolen personal information. Well known, commonly used internet browsers such as Google Chrome, Firefox or Mozilla won’t get you there. You need a special browser such as Tor. Most of this stolen information is gleaned from criminals that hack into compromised businesses and personal computers. Here’s what these nefarious actors are after: social security numbers, credit card info, usernames & passwords, bank account info, medical info, birth dates, email addresses, names, addresses, phone numbers, etc., etc.


No one can erase any of the stolen data that ends up on the dark web. No one can prevent your stolen data from being sold or used. Therefore, credit monitoring companies are only able to ‘alert’ you (after the fact) once they discover that your personal info is up for sale on the dark web.

If you’re wondering whether or not your personal info is on the dark web, the answer is YES, of course it is. You don’t need to pay a credit monitoring service to learn that! Hackers stole nearly a half a billion records in 2018 alone!

The Equifax data breach exposed the social security numbers, birth dates and other personal info of 148 million Americans. About 6.4 million records are reported stolen every day. If you’re still not convinced, and want to see the raw data, go here for real time data breach statistics.

Odds are very high that your info has already been bought and sold to numerous criminals on the dark web. You can’t change your social security number or date of birth. With so much of everyone’s info already compromised, individuals must do everything they can to make it more difficult for criminals to use that stolen data.

Does Dark Web Monitoring Have Any Value?

Security experts say dark web monitoring is just a scare tactic used by credit monitoring companies. Fear of the unknown motivates people. Neal O’Farrell, executive director of the Identity Theft Council  says it’s all really “just a smoke and mirrors deal” created by credit monitoring services to justify the monthly fee. O’Farrell states “They keep adding on these extra services that are truly valueless and don’t go to the cause of the problem”.

6 Important Things To Protect Yourself

1.) Check your credit report regularly with all 3 credit bureaus. By law you are entitled to a free annual report from Equifax, Trans Union and Experian. All three companies must provide a free credit report to you, upon request. So, NO EXCUSES – It’s FREE!  Stagger your requests throughout the year by requesting one credit report from one company, three different months during the year.

2.) Place a “Freeze” on your credit file with all three credit bureaus. There is no cost to freeze your credit. So, again, no excuses! Placing a credit freeze prevents a fraudster from obtaining credit in your name. A credit freeze is much more secure than the credit monitoring packages being sold by the credit bureaus and other credit monitoring companies such as LifeLock. Also, don’t let the credit bureaus try to talk you into placing a “Credit Lock” instead of a Credit Freeze”. Credit Locks do not have the same consumer protections that a Credit Freeze provides.

3.) Use two-factor authentication as a secondary firewall to prevent criminals from impersonating you. Also referred to as “2FA” – Two-Factor Authentication is an extra layer of security that requires not only a username and password, but also something that the user has on them like an email address or a cellphone that a code can be sent to. This proves that you are who you claim to be before you can obtain full access to your account.

4.) Use stealth and long passwords (at least 12 or more characters) that are hard to crack. The best passwords are phrases mixed in with symbols, numbers and upper & lower case letters. Don’t use obvious things like, mother’s maiden name, birth dates, addresses, phone numbers or any info that can be gleaned from your social media account. NEVER use the same password for other log-ins. Why? If your password is compromised, a criminal will try using that password to log-in to other websites, like banks, PayPal, Amazon and other commonly frequented websites. Also, be sure to change passwords every so often, especially if you learn of a data breach that affects a website or an account you have with a company.

5.) Monitor your accounts whenever your bank and credit card statements arrive. Be sure to also check your Explanation of Benefits for medical services. Correct any errors you find and report any discrepancies.

6.) Keep your software updated and back up your data. Whenever there is an update available for your software programs, be sure to follow through and perform a timely update. Better yet, set your programs to update automatically. Make a habit of backing up your important files on a regular basis. Back up all files that you wouldn’t want to lose if your computer ever crashed.

There’s no 100% guarantee that following these steps will fully protect you from becoming a victim of identity theft, but it will certainly lower your chances.  Awareness and constant vigilance is paramount in this game of cat and mouse.

You can read a prior article I wrote about Credit Freezes here

ID Thief Fights Crimes

ID Thief Fights Crimes – That in the past…He Helped Commit

It’s a rare occasion when an ID Thief fights crimes they actually helped commit. Brett Shannon Johnson is one of the few, who stepped away from the dark side. He now works with law enforcement to actually help prevent ID theft crimes, he once helped perfect. There was a time when he was on the Secret Service’s “Most Wanted List”! He was busted several times and spent more than six years behind bars. Maybe that’s why he decided to turn over a new leaf.

Johnson recently spoke about his crime spree and shared his insight into the criminal mind during an interview with NBC news.  Here is a quote from Johnson:

Cybercrime is not rocket science, it’s extremely easy”. “These days someone, who has no experience at all, can take classes on how to commit these crimes. They can buy tutorials or partner with others. All the necessary tools they use are basically off-the-shelf products”. 

Johnson goes on to say:  “I didn’t care who the victim was, I always tried to justify it. I told myself, I’m not ripping off the person, I’m ripping off the store or the government or the bank…and they could afford it”.

Some Of The Crimes He Committed:

~ His life of crime started at the age of 10 – Shoplifting.

~ Insurance Fraud – by getting a payout from a phone car accident.

~ Scamming people on Ebay – by selling non-existent merchandise.

~ Filing fake tax returns and requesting refunds of dead people – who hadn’t yet been reported as ‘deceased’ to the IRS. It only took him six minutes to file a bogus return, using stolen info. He made $6,000 a week, doing so.


ID Thief Fights Crimes



The Equifax data breach, which happened in September of 2017, exposed the personal info of almost every adult U.S. citizen. Compromised records included the social security numbers, birthdates, names and addresses of 145.5 million Equifax customer files. This information is priceless to a criminal!

Social Security numbers and birthdates cannot be changed and never expire. Those 145.5 million victims, who were affected by the Equifax breach, will now have to be ever-vigilant for the rest of their lives!

Every year, we break another record for the number of successful data breaches. There were 1597 data breaches as of the end of December, 2017. Tax ID Theft, Employment ID Theft and Medical ID theft will increase exponentially as a result of the Equifax breach alone.

ID Thieves have continued to adapt and morph their techniques and scams to snag many more millions of unsuspecting victims. Account take-over grew (by 36 percent), resulting in losses of $2.3 billion. Tens of millions of Robocalls are blasted out each day, for a total of 30 billion calls in year 2017 alone.  ATM and gas station skimming devices are ubiquitous. Cybercrime and Ransomware are a growing threat for citizens and companies worldwide.



In previous years, an ID thief would have to buy stolen information from other criminals on the dark web – an underground black market where personal information is bought or auctioned off to the highest bidder. Before the Equifax breach, criminals were never really certain whether the info they gleaned was correct.  Since the Equifax breach, they now know the information is genuine.

A criminal can easily file a false tax return, get a job, get free medical care, take over social security accounts, apply for student loans, take over a credit account or open up new credit accounts. In other words, the sky’s the limit for ID thieves.



Privacy is a thing of the past. No one, dead or alive, is immune from the perils of Identity Theft. Individuals must take matters in their own hands. The Federal Government needs to get serious about tackling this crime spree or the problem is only going to get worse for ALL of us! It is now just a matter of when it will happen to you.

Please don’t shoot the messenger!  I’m just trying to enlighten you!!!


Every two seconds someone becomes a victim of identity theft! That equates to over a million people a month and over $16 billion annually. No one, dead or alive, is immune to identity theft. It’s no longer a matter of IF, but WHEN.  Identity Theft is so commonplace, that it is now referred to as “The Crime of the Century”!

Identity Theft

So what is identity theft?  It is a crime, in which the criminal obtains key pieces of ‘personally identifying information’ (PII), such as your social security number, birthdate or driver’s license, and impersonates you. The US Department of Justice defines it this way: “Identity Theft and Identity Fraud are terms used to refer to all types of crimes in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain”.

When your identity is stolen, you not only lose your money, but also your good name. It is a very stressful process to repair the damage done and it can take many months or even years to remedy the lingering effects of identity theft.

There has been a flood of data breaches, resulting in millions upon millions of personally identifiable information (PII) stolen and then sold to the highest bidder on underground websites.  Malware and Ransomware extorts $1billion a year from people and businesses worldwide. The internet has become a perilous place.


Medical Identity Theft is when your medical insurance ID is used to get medical services in your name. Your medical records get contaminated with incorrect health information and you get hit with the bill. Guard your insurance number.

Tax Identity Theft is when someone uses your SS# and files a fraudulent return to get a big refund. File your taxes as early as possible to avoid this problem.

Criminal Identity Theft is when your identifying information is given to the police during an arrest. It attaches a criminal’s crime to a police record in your name.

Child Identity Theft is when the Social Security numbers of children are used to create a false identity to establish a new credit history. Kids under 18 are 51 times more likely to become victims of ID theft. Parents should place a credit freeze on their kid’s credit file.

Deceased Identity Theft, referred to as “Ghosting”, is when the stolen identity of the recently deceased is used to open lines of credit, get a loan, or get a job or file a fraudulent tax return.

If you wish to decrease your chances of becoming a victim, then prevention, intuition and education are your tools. You need to think of your identity as an asset to be protected, as you would protect your cash, jewelry and other valuables.

My mission is to help bring awareness to this very serious problem. ID theft affects businesses worldwide and affects people young and old. It is my intention to help you lessen the chances of becoming the next victim. My blog sets out to do just that.

Remember, knowledge is power & awareness is your weapon!

Identity Theft Prediction: It Worsens in 2018

My Identity Theft Prediction – It worsens in 2018 as fraudsters are getting even more adept and brazen than ever before!  Will consumers be smarter and more pro-active about protecting their identity in 2018?  I predict – NOT!

I sincerely hope your New Year’s Resolution list includes taking steps to protect  yourself from identity theft. If we learned anything at all in 2017, it’s the fact that it is imperative to do everything possible to safeguard our PII (Personally Identifiable Information).

Always treat your personal information as a valuable asset that needs to be protected from hackers, scammers and identity thieves.

Identity Theft Prediction
Guard your identity with everything you’ve got

ID theft comes in many forms, but data breaches topped the list last year. There were a total of 1293 data breaches as of 12/20/2017. The Equifax breach alone exposed the PII of 145.5 million U.S. Citizens! All the information in that one single data breach, gave Identity Thieves everything they needed to make you a victim of Identity Theft.


Thieves steal your personal information in a variety of ways:


  • FIRST – They steal your PII – Personally Identifiable Information
    • Mail, Trash, Un-shredded Documents
    • Redirect your mail – by submitting a Change of Address
    • Phishing – emails, phone, texts, websites, popups, fake Ads, surveys
    • Employee Records – Stolen or Compromised at work
    • Data Breaches – PII stolen or purchased from Underground Websites
    • Relatives, friends, caregivers who have/gain access to your info
  • THEN – They use your PII to…
    • Use your PII to apply for Credit Cards, Loans, Utilities, Phone Services
    • Counterfeit – Checks, Driver’s License, Passports, fake Credit Cards
    • Use your SS # to File Tax Returns or Get a Job
    • Use your ID during an Arrest
    • Impersonate you for purposes of account takeover



  • Always wait 24 hours before making important decisions
  • Shred it! Never discard items with personal info on it
  • Never click on links or open attachments in emails/texts
  • Use EMV chipped cards for better security
  • Use unique passwords on online accounts
  • Use a Uni-Ball pen #207 when writing checks
  • Only place bills in secure mailboxes
  • Examine bills for any discrepancies
  • Reconcile checking accounts promptly
  • Never provide your SS# or Medical ID # unless required to do so
  • Make copies of everything you carry in your wallet
  • Use strong passwords on your wireless connection
  • Use a low balance prepaid card for recurring charges
  • Do an internet search by adding “Scam”, “Fraud”, or “Complaint” after a company name or product
  • Don’t send $ via untraceable methods like bank wires, or prepaid cards


Remember: When it sounds “too good to be true” – it probably is…

To learn even more – go to the Federal Trade Commission (FTC) website: https://www.consumer.ftc.gov/topics/identity-theft

Also read a previous article about the Equifax Breach

I hope my Identity Theft Prediction is wrong…

Stay safe out there and I wish you a wonderful New Year!




Cybercriminals are hell-bent on Phishing for Social Security Numbers, (SSN) because it’s the fastest and most effective route to stealing your identity!

During the first half of year 2017, about 60 % of all data breaches involved the exposure of Social Security Numbers (SSN).  When a company or organization gets hacked, nearly half (47.7%) of these attacks involve Phishing. The grand prize of these phishing expeditions is to reel in as many Social Security Numbers as possible.

Email Phishing Social Security Numbers
Never Click on Unsolicited Email Links/Attachments

Phishing – Favorite Tool in a Cybercriminal Arsenal!

Phishing is mostly done via texts or email. Cybercriminals attempt to lure or entice their victim into clicking on a link or open an attachment in a text or email. Once the victim complies, they are directed to provide personal information, including their SSN. Malware may also be downloaded giving them access to all your files.

Similarly, Spear-Phishing, is a more laser-focused Phishing attempt. For example: Cybercriminals target a company’s Human Resources Department, seeking payroll information in order to steal the Social Security numbers of its employees.

Armed with your SSN – a Criminal can do a lot of damage!

Once your Social Security Number is gleaned via Phishing or a data breach, they will easily make you a victim of identity theft. They can establish new lines of credit, open bank accounts, apply for personal loans, open utilities or phone service, file a fraudulent tax return and even get a job, using your SSN.

Additionally, the medical ID number of most Medicare recipients is their SSN. Identity thieves are well aware of this fact. So, by phishing for the Medicare information of a recipient, the thief is able to gain access to their SSN too.



  • Never provide your SSN to anyone who requests it. Always ask if you are legally required to give it to them. Always offer some other form of ID, such as a Driver’s License or code number instead.
  • Never click on links or open attachments in emails, unless you are 110% sure it is safe to do so. Always check with whomever sent it to you first.
  • Never carry your Social Security card in your wallet, nor your Medicare card if it uses your SSN as your Medical ID number.