Digital Fraud, Data Leakage, Threat Intelligence

Browsing the Deep Web: The Major Risks that Brands Face

By Andre Luiz R. Silva on

We have spoken very recently here about the main things that are sold on the deep and dark web. Along with so many other crimes, surfing the deep web (and dark too, of course) reveals countless risks to which companies and brands may be subjected.

Based on the chart below, which categorizes the types of alerts that our Threat Intelligence Discovery team sends to our clients, we will list the various types of threats found in the depths of the Internet and how they function.


Note: Because this data was obtained by monitoring our clients' brands, we are not going to show images here, or divulge the channels in which the detections were made. If you would like to know more about our team's solutions and work, please contact us.


Data leaks


Data leaks are the most common problem affecting our clients’ brands, representing 51% of all alerts. No wonder we talk so much about the General Data Protection Regulation (GDPR), right?

So, these data leaks are the “donations”—or even exhibits—of credentials (emails, logins and passwords) and credit card numbers. Credential leaks can be used to attack any business, with a leaked password for example, giving cybercriminals access to internal systems. Leaked credit card numbers are generally a bigger problem for banks and financial companies.

In addition to sending our clients alerts, we send any new leaked bases straight to CardCast or HashCast, as well as MyPwd. By the way, if I were you, I would check to see if your personal data has been affected.


Fraudulent service ads

More than 3 out of every 10 alerts we send to our clients involve advertisements for fraudulent services! These detections expose cybercriminals who are offering to “assist” those in need of certain “services” (in return for payment, of course).
One hand washes the other, as the saying goes. Or maybe not.

Some examples of fraudulent ads include come-ons for half-price service purchases, such as on food and beverage delivery apps (“For sale: $100 order for just $40”), and promises of access to systems for all sorts of purposes. You just can't tell if it will work out...


Browsing on the deep web, more criminal sales

As you can see from the chart, there are all kinds of illegal sales affecting brands; to date, they constitute nearly 12% of the criminal activities we’ve detected on the deep and dark web. So let's talk about that bad stuff!

Accounts for sale

These are dummy bank accounts! Such accounts are usually negotiated individually. They are obtained by fraudsters through a variety of illegal means and then offered "for services" so that all the dirty money is accessible without actually identifying the criminals.

Cards for sale

Generally, entire credit card numbers (CCs), designated as “approved,” are sold in small lots. This situation is different from a donation because the intention here is to provide numbers that are already certain to work. Once again, we have no way of knowing if it’s a scam, right?

Sale of fake screens

Despite not coming in gift-wrapped boxes, phishing kits are real gifts. They are screens that enable complete (and even quite intuitive) programming of phishing scams and attacks.

Sale of logins

These are credentials that allow access to the Internet’s countless services. The sales are usually categorized by destination site, such as e-commerce and streaming services. That facilitates the path for those who want to use cards already included in those accounts.

Sale of checkers

These are the credit card testers. They are sold on the deep and dark web as ready-made packages, much the same way that phishing kits are sold, so that cybercriminals have only to enter the card numbers obtained to find out which are “approved."

Are you interested in quality digital risk monitoring and response? Then meet our
Threat Intelligence team and find out what we can do for you and your business!



Eduardo Schultze, Coordenador do CSIRT da Axur, formado em Segurança da Informação pela UNISINOS – Universidade do Vale do Rio dos Sinos. Trabalha desde 2010 com fraudes envolvendo o mercado brasileiro, principalmente Phishing e Malware


Andre Luiz R. Silva

A journalist working as Content Creator at Axur, in charge of Deep Space and press activities. I have also analyzed lots of data and frauds here as a Brand Protection team member. Summing up: working with technology, information and knowledge together is one of my biggest passions!