How the Dark Web Fuels Phishing

Over recent years, rates of reported phishing attacks have skyrocketed. The dark web is making it easier than ever for hackers to learn about and conduct these attacks.

The Dark Web: A Gateway for New Hackers

The dark web is where many amateur hackers learn to create and launch cyber attacks. It opens the door to a thriving community of other cyber criminals and allows access to guidance, tips, and much more. New hackers can easily gain this information and start running their scams.

Over recent years, the dark web has grown to include gangs of hackers, gig work for hackers and even the sale of tools like Ransomware-as-a-Service. These tools are essentially ready-made hacking kits new hackers can pay to use. By working in gangs and with other, more experienced hackers, amateurs can launch successful attacks with fewer resources and less knowledge.

Phishing is often a starting point for new hackers. It’s one of today’s most common types of cyber attacks and often serves as the first stage of more dangerous attacks like ransomware. Research shows 91% of cyber attacks currently begin with a phishing email. The explosion in phishing attacks over the past few years indicates the growing number of amateur hackers learning to spread phishing content.

These attacks aren’t just hitting large corporations, either. One side effect of the growth of phishing attacks is a broader range of businesses and individuals being targets. While experienced hackers aim for high-profile companies, amateur hackers are likelier to target small businesses. In fact, at least 48% of all cyber attacks today involve a small- or medium-sized business, with an average cost of $200,000 per incident.

The Illegal Sale of Credentials and “Phishing Kits”

The dark web is facilitating the growth of phishing in a few specific ways, including the sale of stolen credentials and premade “phishing kits.” Many people assume hackers make their money by extorting victims using ransomware. While this is often the case, the dark web also allows hackers to make deals with one another and sell stolen information. A prime example is a large-scale data breach uncovered in 2022 involving Apple, Meta and Discord.

A network of hackers stole personal data from these prominent tech companies by abusing something known as an Emergency Data Request (EDR). Government officials can use an EDR to get personal data in the event of a time-sensitive emergency.

The hackers in this case used stolen email credentials purchased on the dark web to make their fraudulent EDRs look legitimate. Another hacker conducted their own phishing attack to steal

those credentials, then resold them to other hackers for a couple hundred dollars per stolen account.

This practice is common on the dark web today. If a new hacker doesn’t know how to conduct a full-scale ransomware attack, they can still profit from a phishing campaign by harvesting login credentials. As a result, phishing itself has become a profitable form of illegal business on the dark web.

Additionally, more experienced hackers are fueling the growth of phishing by providing amateurs with simplified tools for conducting phishing. Ready-to-use “phishing kits” are making it extremely easy for new hackers to launch a phishing attack successfully, even with little knowledge or experience. The dark web serves as a marketplace for this type of malware tool.

The Dark Web as a Community for Cyber Criminals

On a big-picture scale, the dark web acts as a community for cybercriminals, where they can form alliances and trade strategies. This community aspect may be helping to fuel the growth of phishing and cybercrime by enabling hackers to bond over their illegal activity.

The sheer anonymity of the dark web also makes it easy for hackers to share dangerous, unethical information with little fear of backlash. Today hackers can even create completely anonymous monetary transactions using cryptocurrencies.

Is the Dark Web Illegal?

Given the rampant spread of cybercrime through the dark web, one may wonder why accessing the dark web is not illegal. The dark web itself is simply a fully anonymized side of the internet, accessed through particular browsers such as The Onion Router. Studies show about 57% of dark web pages contain illicit material.

While many people who access the dark web use it to conduct illegal activity, others use it out of necessity. For instance, people in countries where internet access is restricted might only be able to access truthful information through the anonymity of the dark web.

This doesn’t mean the dark web is by any means safe, though. It contains a minefield of dangerous websites that can infect computers with malware. Phishing is standard on the dark web itself, as well. So, while accessing the dark web might not be illegal, most of the activity conducted through it is illegal — including the spread of phishing.

Defending Against Phishing Attacks

The dark web is fueling the rapid growth of phishing online today. While the risk of this growth is intimidating, there are ways to prevent falling victim to a phishing attack.

Be careful about visiting unknown websites or opening emails from unknown senders. Never share personal or login information through email, SMS, or online forums. Everyone can safeguard their data from hackers by staying aware of suspicious content online.

As the Features Editor at ReHack, Zac Amos writes about cybersecurity, artificial intelligence, and other tech topics. He is a frequent contributor to Brilliance Security Magazine.



Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.