ID Theft Resources

Share Article
14 December, 2018
3 Minutes
What Is the Dark Web and Other Deep Web Terms

Dan Rafter

Contributing writer

+ More
Display image

Dark web — the term alone sounds sinister. And it’s true, plenty of illegal activity can take place in this part of the Internet. But accessing the dark web isn’t illegal. And not every site found there is dealing in criminal activities.
The dark web is much like the world of Google, Yahoo, and all the other sites you visit each day. But sites making up the dark web are hidden from view. You can only access these sites with special browsers, The Onion Router, or TOR, being the best known of them.

There’s a difference, too, between the dark web and the deep web. The deep web also holds hidden sites. But these sites are mostly benign. The deep web is home to everything from password-protected email accounts, the private intranets run by businesses, government databases, and private sites that users can only access with a log-in name and password.
The dark web is a subsection of the deep web. Many of the sites on the dark web do focus on illegal activity. You can buy guns or drugs illegally on the dark web. You can visit online marketplaces that sell hacked passwords and bank accounts. Illicit pornography is available here, even child pornography.
But not everything in the dark web is illegal. Residents who live under government regimes that censor social media and punish dissent can rely on the dark web to reach out to others and publicize the wrongs committed by their governments. Others can research medical information that they might otherwise be embarrassed to study. Journalists often use the dark web to communicate with sources whom they want to protect.

Understanding the dark web can be confusing if you’ve never visited this corner of the online world. The growth of the dark web has spawned a whole new language, one that might be unfamiliar to those who aren’t tied into the underground economy of the dark web. But we can help.
Just check out this expansive glossary of terms to gain a better understanding of how the deep and dark webs function.


Many of the people searching the dark web prefer to remain anonymous. This isn’t surprising considering that many visit to do something illegal, whether that means buying drugs or trying to acquire someone’s Social Security number. It’s why many visitors log in with an alias, a screen name designed to keep their real identities hidden.
Not everyone who uses an alias, though, is involved in criminal activity. Political dissidents, for instance, might rely on aliases, too.


Bitcoin is basically the currency of the Dark Web. It’s a virtual currency — the most popular one — that visitors to the dark web can use to purchase items from online marketplaces or to subscribe to sites. Bitcoin is popular on the dark web because people can buy it anonymously. This gives them the chance to make illegal purchases without being tracked. People can also use Bitcoin to make legal but potentially embarrassing purchases, such as paying for pornography.
Cybercriminals often use Bitcoin in ransomware scams. These criminals will take over your computer, locking it up, until you pay a ransom, using Bitcoin to make your payment.


A blockchain is a type of database — made up of blocks of information — that records a series of transactions. The information in a blockchain is distributed across a series of users or computers, meaning that there is no one central person or agency that has control over the transactions recorded in it.
The Bitcoin blockchain is one of the most important, a public record of all Bitcoin transactions. As with all blockchains, past transactions, once added to the chain, can’t be altered or erased.


There is a lucrative market on the dark web for credit card information. Hackers often offer working credit card numbers for sale at online marketplaces. Other criminals can purchase these numbers and then run up thousands of dollars in fraudulent purchases while using them.

Carding is the term used to describe the practice of stealing credit card information and selling it on the dark web. How serious is this problem? The cybersecurity firm Sixgil in a report said that there were more than 23 million stolen credit and debit card numbers for sale on the dark web in the first half of 2019.


You know that the dark web is the mostly hidden part of the Internet. The Clearnet, though, is another term for the traditional Internet we all know. This is the Internet that is home to the sites you visit every day, from the home page of your online bank to your favorite news sites, Facebook, Twitter, and YouTube. Anything you can access with a traditional browser such as Chrome is part of the Clearnet.


You can consider cryptocurrency to be a type of money, one that is used commonly across the dark web. Unlike dollars, pennies and quarters, though, cryptocurrency is virtual or digital. It consists of nothing physical.

Visitors to the dark web often use cryptocurrency — including Bitcoin, the most common form of cryptocurrency — to purchase items both legal and illegal. Why? It’s difficult to trace cryptocurrency, which makes it the perfect currency for customers who want anonymity. Cryptocurrency is also decentralized, meaning that it is not issued from a central point, but instead on a peer-to-peer basis.


The darknet is another name for the dark web. The darknet is the home to hidden websites, sites that you won’t find during a typical Chrome or Bing search. You’ll need special browsers and tools to explore the sites that exist on the darknet.


Doxing is often used as a form of revenge. It’s when someone posts the personal information — or documents — of someone online. The goal when doxing is to expose the true identity of someone who has been operating in anonymity.
You might wonder where that name comes from. It’s a shortened form of the phrase “dropping dox,” meaning posting documents that could identify someone who prefers to remain anonymous.


When data is encrypted, it is scrambled, making it unrecognizable. This is important: It’s a key way to protect important information, both financial and personal, on the web. Often, you’ll need an encryption key to open encrypted data.
But what if you are sending financial information to your bank or credit card provider? Today, most websites use something called Secure Sockets Layer, a way to encrypt data that is being sent to and from a site. This form of protection keeps cyberthieves from stealing that sensitive data while it is being transmitted. You’ll know a site offers this protection if its address starts with “https://” instead of “http://.”


Businesses, financial institutions and government agencies rely on firewalls to protect their websites from cybercriminals. A firewall, as its name suggests, is a network security device that monitors traffic both incoming and outgoing and decides whether to allow or block that traffic. Firewalls make this decision based on a set of programmed security rules.
This protection isn’t just for businesses, though. You can protect your own computer by installing a host-based firewall. A host-based firewall is stored on a single computer. These firewalls can serve as an early line of defense against cyber criminals and malware.


One way that security experts study cybercriminals and online attacks? They set up honeypots. A honeypot is a computer or computer system designed to mimic something that would attract the attention of cybercriminals. Like honey to bears, the honeypot is too sweet for criminals to ignore.
Credit card providers might set up a honeypot that looks like a database of credit card numbers. When hackers attack it, the bank’s security experts can study where cybercriminals are coming from and how they are attacking. Security pros can then make changes to better protect their important data.
In 2015, security experts created a fake online railway control system as a way to study how hackers could attack systems when their goal was to put the public in danger. During a two-week period, the HoneyTrain was the victim of 2.7 million attacks.

IP address (aka Internet Protocol)

Every device connected to the Internet — including your laptop, smartphone, and tablet — has an IP address that identifies it. This IP, or Internet Protocol, address is a unique series of numbers separated by periods. Think of your IP address as you would your home’s street address: It identifies your device when you’re online.
Your IP address, though, isn’t always the same. If you work from home, you’ll have a different IP address than if you’re connecting at your local public library or nearby coffee shop. You’ll also get a new IP address if you change your Internet Service Provider.


Malware is malicious software that can damage your computer. You can infect your computer with this software by downloading it accidentally from websites or opening an infected attachment in an email message. You might download a file online without realizing that it hides malware.
What does malware do? That depends. Some malware allows cybercriminals to take over your computer behind the scenes. Other malware will copy your key strokes and steal your passwords, allowing criminals to access your personal and financial information. Some malware might freeze your computer’s most important systems and demand you send ransom money to a criminal.


Want to provide extra protection for your devices against viruses and malware? You should start with a good antivirus security software. But to boost your cyber safety, make sure your antivirus suite includes sandboxing applications.
Sandboxing forces the programs on your computer to run in an isolated environment, basically boxing them off from the rest of your machine. The benefit here is that programs running in the sandbox have only limited access to the other files and systems on your computer or other devices. When applications are running in a sandbox, they can’t make permanent changes to any of your systems.
You want to make sure, then, that your antivirus program sandboxes applications when you are using them. For instance, your antivirus program should automatically run your browser in the sandbox so that any malware on your computer won’t copy your passwords or online financial information.


How do hackers get all those credit card and bank account numbers that they sell online? Spoofing is one method. Criminals send spoofed emails that look like they come from someone’s bank or credit card providers asking them to, perhaps, click on a link to make sure that their accounts aren’t shut down. When users click, they are taken to a fake web page that asks them to enter their account information. Once users do this, the hackers can steal this information.
The lesson here? Never click on a link in an email, even if it looks legitimate. And never send your financial information when your “bank” asks for it. Instead, call your bank or credit card company to ask if they really do need this information.

Tor (aka The Onion Router)  

Tor, which stands for The Onion Router, is a browser that lets you search the Internet anonymously. It’s also a browser that people commonly use to access and search the dark web. With this browser you can find sites with the .onion suffix, sites hidden from other popular browsers such as Chrome.
To download the browser, visit Even with the browser, though, finding sites on the dark web isn’t easy. Remember, these sites are largely hidden. You might start by visiting the many lists of dark web sites you can find on the Internet. Just be careful: Many of the sites on these lists specialize in illegal activity.


Using a VPN, or virtual private network, is an important step in protecting your privacy while online. VPNs, then, are popular among people surfing the dark web who’d prefer to remain anonymous to Internet Service Providers, hackers and government bodies.
A VPN is a private server that you sign up with, either for free or, for possibly more reliable privacy protection, for a charge. When you connect to the Internet, your computer will first log into this private outside server before it accesses the web.
This can help boost your online privacy. The only people who will see what sites you visit, files you download or links you click will be your VPN provider and the people behind the sites you visit.

Get LifeLock Identity Theft Protection 30 DAYS FREE*

Criminals can open new accounts, get payday loans, and even file tax returns in your name. There was a victim of identity theft every 3 seconds in 2019°, so don’t wait to get identity theft protection.

Start your protection now. It only takes minutes to enroll.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Dropbox Not Hacked, But Your Account May Have Been Compromised
Dropbox said no breach had happened on its servers. “Your stuff is safe. The usernames and passwords…were stolen from unrelated services, not Dropbox.
Read More
Can Your Identity Be Stolen With Only a Name and Address?
Stay informed about the latest identity theft news and stories about what law enforcement and elected officials are doing to protect consumers from becoming victims.
Read More
Check-date fraud: Date your checks “2020” — here’s why | NortonLifeLock
If you don’t date your checks by using the full four-digit year in 2020, you could increase your chance of becoming a victim of check fraud.
Read More
Child Identity Theft by a Parent: What You Need to Know
Stay informed about the latest identity theft news and stories about what law enforcement and elected officials are doing to protect consumers from becoming victims.
Read More

Start your protection,
enroll in minutes.

Get discounts, info, protection tips, and more

Sign up for promotional emails