10 Dark Web Facts That You Need to Know

September 03, 2021
a death-star type background with a cream envelope emerging from a red energy blast

The dark web is where cybercriminals who want to undertake a successful phishing operation start their work. Bad actors use dark web forums and data dumps to gather the resources that they need to get the job done – and no resource is more important to a phishing attack than information. The details about people and businesses that hackers glean from dark web data markets and dumps is the fuel that powers phishing attacks including ransomware, business email compromise, credential theft and other damaging incidents. If phishing is the gateway to other cybercrime, then the dark web is the gateway to phishing. An estimated 60% of companies go out of business after a successful cyberattack like phishing. Learning about the dangers that your business might face from the dark web can help you make smart choices that enable you to stay out of trouble.


See how to avoid cybercriminal sharks, phishing & ransomware in Phishing 101. DOWNLOAD IT>>


10 Dark Web Facts That Tell the Story of Phishing Risk in 2021



Dark Web Facts – Why Cybercriminals Want to Phish Your Employee Credentials


Cybercriminals primarily undertake phishing operations to snatch employee passwords, and the more privileged the better. One major reason is that it is that a phished password easily allows them to steal your data. In fact, 90% of incidents that end in a data breach start with a phishing email. Data breach numbers have been skyrocketing all over the world since the start of the global pandemic, and phishing is at the root of many of those breaches – an estimated 74% of organizations in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months. The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020. 

The bad actors who phish an employee’s password aren’t the only folks that want it for nefarious purposes. Stolen credentials can sell for a pretty penny in the booming cybercrime-as-a-service economy. For a legitimate stolen corporate network credential, a cybercriminals is looking at making over $3,000. Among the most valuable phished credentials are those magic keys that unlock privileged access to corporate networks. They can go for as much as $120,000 each. That’s a price some cybercrime gangs will gladly pay to enable them to launch ransomware attacks that can fetch them millions in ransoms and small-time hackers are more than happy to phish passwords for them all the time for that kind of money.


What’s next in phishing? Find out in the 2021 State of Email Security Report! GET IT NOW>>


Dark Web Facts – Users and Traffic


If you’re curious about where the users that access data like yours are coming from, this chart is a handy reference. These users primarily access the dark web using the TOR browser. More than 2 million active users connect to the dark web through the TOR browser every day.

CountryMean daily users
Russia9982 (21.80 %)
United States6324 (13.81 %)
Iran3324 (7.26 %)
Germany2096 (4.58 %)
Belarus1791 (3.91 %)
Brazil1711 (3.74 %)
India1487 (3.25 %)
China1391 (3.04 %)
United Kingdom1299 (2.84 %)
Turkey1019 (2.23 %)

Dark Web Facts – The Economy


The relationship between phishing and the dark web economy has seen major shifts in the past year as new opportunities for cybercrime drove explosive growth. Everyone from major ransomware gangs to cybercrime-as-a-service gig workers are raking in crypto as cybercrime escalates. Demand for all kinds of skilled cybercrime work is high, and hackers that specialize in phishing operations are highly sought after – experts estimate that 90% of posts on popular dark web forums are from buyers looking for hacking and cybercrime enablement services. An estimated 69% of dark web forum hiring posts were looking for cybercriminals to do website hacking, while another 21% were looking for bad actors who could obtain specifically targeted user or client databases.  

Sometimes the hackers are advertising their services. About 7% of the forum posts measured were ads for hackers looking for work. Even in a booming economy, there are several reasons for hackers to be advertising their services. Some hackers have a very specialized skillset, like specialists in social engineering or experts in sophisticated spear phishing operations. Others may be niche hackers who stick to in social media scams or brand impersonation campaigns. Others may be new to the gig and trying to network, put experience under their belts or build their reputation. Of course, some cybercriminals prefer to remain drifters that move in and out of cybercrime gangs.  

Not all “hackers” are actually hackers. Some are developers who are selling their own easy to use cyberattack software making the barrier of entry to cybercrime low. A little over 2% of forum posts were made by cybercriminal developers who were selling the tools of the trade like phishing kits, That tech can make phishing a plug-and-play operation for low-skill new cybercriminals just getting into the game. A total phishing campaign including hosting costs $500 per month on average with prices starting at $30 per month. Low budget? No problem! The cheapest DIY kits are available for as little as $20. Researchers also noted that the number of ready-made phishing kits to choose from has doubled – some 16,200 unique phishing kits were identified on the market.


Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>


These Dark Web Facts Show Exactly Why You Need to Protect Your Business From Phishing


When you deploy Graphus to protect your organization, you’re putting three powerful layers of automated security between phishing and your business. Powered by smart AI technology, Graphus catches 40% more phishing messages than the competition automatically, keeping more cyberattacks away from your employees than conventional email security solutions or clunky old SEGs.

TrustGraph is the star of the show, guarding your company’s inboxes against phishing messages that could contain cyberattacks. Using more than 50 separate data points, TrustGraph analyzes incoming messages to detect trouble before speeding them to their recipients – and it never stops learning, constantly gathering fresh threat intelligence from every analysis it completes to refine your protection.

EmployeeShield slips into place when a new line of communication comes into your business, adding a bright, noticeable box that warns employees to use caution when handling the message. This empowers every staffer to join your security team by marking a new message safe or quarantining it with one click for administrator inspection.  

Phish911 completes your triple-layered protection by making it easy and painless for employees to report any suspicious message that they receive to an administrator for help. For even greater safety, when an employee reports a dodgy message it is immediately removed from everyone’s inbox to prevent further trouble.

Our solutions experts are ready to give you a personalized demo of Graphus to show you how this affordable solution is the ideal choice to protect your organization from today’s biggest threats fast. Schedule a demo => 


Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus