You may have heard of the dark web. It’s a more private version of the internet that we all use every day, which can be both a positive and a negative. In terms of cybercrime, the dark web can be a place for cybercriminals to trade personal data and use it to launch cyberattacks. In this article, we’ll explain how your email could be affected by a data breach, what to look out for, and what to do if your email is on the dark web.

Is my email on the dark web?

The most common way for your email address to appear on the dark web is in a data breach. Hackers attack businesses’ online databases to collect personal information. They can sell this information on the dark web for a profit and use it to create phishing scams, target you with ransomware, or commit identity fraud.

If you’re worried that you’ve been affected by a data breach, here are some signs you can watch out for to see if your email address has been leaked on the dark web:

  • Receiving unusual notifications or emails, which may indicate that your email address has been used to create accounts, sign up for services, or make purchases.
  • Seeing payments you didn’t make appear on your bank statement.
  • Receiving emails saying that the passwords for your online accounts have been changed.
  • Seeing emails being sent from your email address that you don’t recognize.

What is the dark web?

If you’re not familiar with how the internet is structured, there are essentially three layers:

  • The surface web: Think of this as the ‘normal’ web. This is the internet you use every day, which is made of public web pages available to everyone and can be found using search engines.
  • The deep web: The deep web is made up of web pages that are not indexed by search engines. That means you can’t access these web pages unless you have the authority to do so, for example, if you know its URL or password. The deep web is used to protect sensitive data, so this is where your online banking, cloud storage, and government portals are stored.
  • The dark web: The dark web is similar to the deep web in that search engines don’t index it, and it can’t be accessed without specific requirements, such as a password or dedicated software. While there are many legitimate uses for the dark web, it is also frequently used to facilitate criminal activity. Users on the dark web can’t be tracked using geolocation or IP address, which has led cybercriminals to use it to sell illegal goods and services.

Now, let’s take a closer look at how and why your email address could appear there.

How do email addresses end up on the dark web?

Cybercriminals steal customer data to make a profit, and the profit from stealing this data is increasing dramatically. In recent years, high-profile data breaches have seen millions of records leaked: in the UK, Marks & Spencer and the Co-op have recently been affected by large breaches. North Face and Cartier have also announced breaches of their own. TechCrunch estimates that in 2024, more than 1 billion records were leaked.

In data breaches, many types of personal information can be leaked. The most common include:

Among all of this information, you might wonder why your email address is as valuable as your financial information: Your email address is actually your online passport.

What can hackers do with my email address?

Your email address is tied to almost everything you do online. It helps cybercriminals see which websites you use, what you purchase online, who you communicate with, and more. It’s a very valuable piece of information for hackers because there are so many potential ways they can exploit it. Attackers can use your email address to find your accounts, create phishing scams to target your family and friends, blackmail you, and steal your money.

If you receive a notification letting you know your email address has been leaked in a data breach, you have time to minimize the damage that hackers can cause.

What to do if your email is on the dark web

The impact of a data breach can be difficult to handle, but you can still take control of the situation. Here are our top three recommendations if you find out your email is on the dark web.

Inform the relevant authorities

You can mitigate the damage caused by a data breach by informing any service providers or local authorities. To inform your local police, in the US you can contact the Internet Crime Complaint Center (IC3) and in the UK you can contact Action Fraud. Contact your bank if you’ve noticed unauthorized transactions made from your bank account. Even if you haven’t noticed any unauthorized payments, you can freeze your card to be safe. If you’ve been a victim of identity fraud, you can also report this online. In the UK, Stop! Think Fraud has a useful checklist of actions to take if you’ve been the victim of identity fraud. IdentityTheft.gov has similar resources for those in the US.

Change your passwords

Change the password for all your online accounts, including your email address. This is especially important because if a hacker manages to brute force or guess one of your passwords correctly, they’ll use that password to try to access your other online accounts in a credential stuffing attack.

You should create secure and unique passwords, a different one for each online account. This can be manual work because you’ll need to change all of your passwords individually. You can make your life easier by creating and saving each new password as you go using a secure password manager. That way, the health of the password can be tracked through Proton Pass automatically. Also, you can autofill your passwords next time you visit the website and save yourself the effort of remembering them all.

Start using two-factor authentication

Two-factor authentication (2FA) adds an extra layer of security to all of your online accounts. Depending on what type of 2FA is supported by each individual website, you can use:

  • One-time passwords (OTPs) generated by an authenticator app. We recommend not opting to receive OTPs by SMS as this is an insecure way to receive sensitive information.
  • Security keys such as a YubiKey
  • Passkeys. Only newer devices will be able to support passkeys, and not all websites currently support them.
  • Passphrases. We recommend storing passphrases in your password manager the same way you store passwords.

2FA is an excellent way to make it much harder for anyone except you to access your account. Even if your password is leaked online, a hacker won’t be able to gain access without your secondary login method.

How to prevent your email from appearing on the dark web

The best ways to protect your email address are built into Proton Pass, an end-to-end encrypted password manager. You can save valuable time and effort on using the internet securely whilst also ensuring that you’re protecting yourself against data breaches with a reliable and trustworthy tool.

Use hide-my-email aliases

The key to preventing your email address from appearing online is to not give it out. You should hide it and keep it private the same way you do your Social Security number or passport number. Hide-my-email aliases can help you do this.

An email alias is a randomly generated email address that you create and use to shield your personal email address. You can do this easily and automatically with Proton Pass, an easy-to-use and secure password manager that allows you to create and use email aliases.

You don’t have to remember all of your email aliases; instead, let Proton Pass remember them for you while you create individual email aliases as logins for all the websites you use every day. That way, businesses and hackers don’t know your real email address and can’t connect it to your email aliases in the event of a breach. You can simply turn off the alias and create a new one.

Use a dark web monitoring service

It’s impossible to manually scan the dark web for your email address, so specialized services such as Proton’s Dark Web Monitoring can do it for you. This service scans the dark web for all of the email addresses you’ve saved in Proton Pass and alerts you if one appears. You can act quickly to change the password for that email address or get rid of the email alias, greatly reducing the risk that any of your accounts will be hacked.

Take control of all of your private data

Instead of focusing solely on keeping your email address off the dark web, you can keep everything you need in Proton Pass to ensure that it’s protected. The end-to-end encryption built into Proton Pass prevents anyone but you — even Proton — from accessing your information. However you choose to use the internet, on whatever platforms or devices you prefer, you can customize Proton Pass to suit your needs.