What is the dark web, and how do you access it?

The dark web is infamous for criminal activity – illegal goods, stolen data being sold, or hacker services being hired. While crimes are definitely a part of the dark web, there’s more to it. The dark web has some legitimate uses, such as people using it to protect their anonymity in countries with heavy censorship or reading news unaffiliated with political parties or agendas.

To understand the dark web, knowing how it differs from the surface and deep web can be helpful.

• The surface web (also known as the clearnet or open web) consists of all the public websites you can find online by typing their URLs into your browser’s address bar or looking them up on Google and other search engines. What you see on the NordVPN website, including this article, is a part of the surface web.
• The deep web is all content online that isn’t part of the surface web. Standard search engines like Bing or Google don’t index deep web pages. Most of the deep web comprises data hidden behind a password or paywall. If you log in to your Nord account, the information you see is technically on the deep web – data about your NordVPN subscription and the like. It’s still on the internet but not accessible without your login credentials.
• The dark web is a subset of the deep web. The dark web sites aren’t indexed by traditional search engines, their traffic is encrypted, and they require special tools to access.

You can think of the internet as an iceberg with different parts of it more or less visible.

The surface web is part of the iceberg above the water, visible and accessible to everyone. Then the deep web is right under the water – it’s less accessible, but basic swimming skills would be enough to get there. Meanwhile, the dark web is part of the iceberg deepest in the water – you’d need special diving equipment to reach it.

You need special tools and services to access the dark web.

A dark web browser is a tool needed to access dark web sites. While the dark web can be accessed by various browsers, Tor (The Onion Router) is the most popular and well-known.

The US government initially created Tor as a tool for different military organizations to exchange messages and information anonymously. Later it became open source and available to the public.

The name of this dark web browser comes from the method it uses to encrypt messages. The Tor browser wraps data in different layers of encryption (like an onion) and sends it through a network of ”onion” routers. Each router the data passes through sheds away a layer of encryption and sends the partially decrypted message to the next destination. The process repeats until the message arrives at its intended destination. While this technique increases Tor’s security and keeps the dark web operations anonymous, it slows down the performance.

A dark search engine is a search engine that indexes dark web sites. Since regular search engines like Google don’t index dark web content, dark search engines exist to find dark web sites and pages.

However, don’t expect to get the same kind of service and wide-ranging results as you do on Google. Dark search engines turn up a more limited number of most-visited dark web sites, and only some of these search engines can be trusted to protect your data.

Dark web sites are websites and webpages that cannot be accessed via regular browsers and web search engines. Dark web sites hosted on the Tor network have a .onion domain.

Like traditional websites, dark web sites can provide all kinds of content, both good and bad. Many popular websites, for example, Facebook, have a version of their site hosted on the dark web. But many dark web sites are also dangerous, and their content can be downright illegal.

Created by Ian Clarke in 1999, the dark web started as a final project at the University of Edinburgh. The original intent was to create a decentralized peer-to-peer file-sharing program.

The project soon evolved to become Freenet — a platform for free speech online. Users could discuss, share, and publish information anonymously and free of government censorship.

Freenet’s release to the public in 2000 helped activists to bring attention to the need for a way to stay anonymous online. It was followed by the Tor network, created by the US intelligence community to communicate in secret. Released to the public in 2004, Tor later became a browser offering easier access to the dark web.

Once cryptocurrencies entered the picture in 2009, Silk Road and other black markets started popping up on the dark web, making it the place to be for various criminals.

To learn more about dark web history, check out our video on the topic:

The dark web is not illegal, and it’s not illegal to be on the dark web. After all, it’s only meant to provide anonymity, which isn’t illegal in most regions.

However, illegal activities occur on the dark web, and accessing illegal content or participating in illicit activities can be a criminal offense.

Moreover, using the Tor browser – the primary tool for accessing the dark web – can be restricted or illegal in some countries. For example, China, Iran, and Russia block access to the Tor network.

Many threats and illegal activities are associated with the dark web, earning it a reputation as a dangerous part of the internet.

Malware infection

Verifying whether dark web sites are safe is challenging, so browsing on the dark web always comes with a higher risk of your device being infected by malware. Hackers could infect your device with ransomware and extort money from you or add your device to their army of bots used for various attacks.

Fraud and scams

Like malware infections, the likelihood of being scammed is much higher because many fraudulent schemes originate from the dark web.

Ponzi schemes, identity theft, credit card fraud, and other financial scams happen there, so if you fall victim to dark web scams, you can suffer significant financial loss and personal harm. And when a crime is committed, it’s much more challenging for law enforcement to track down the cybercriminals and get your money back.

Inappropriate content

The dark web has such a sinister reputation because it contains inappropriate content. From hacker forums and illegal pornography to terrorists organizing their operations, the dark web covers content you’d sleep better not knowing about.

Black markets

While the dark web itself is not illegal, participating in black markets is. Selling or buying goods and services on a black market can lead to legal repercussions, even if you’re unaware that the marketplace is illegal.

Extremist ideologies

Some dark web forums promote extremist ideologies, including terrorism and hate speech. These platforms may provide a breeding ground for radicalization and threaten public safety.

Zero accountability

Most dark web users feel anonymous and engage in illegal activities without fear of being identified or held accountable. You never know when a minor negative comment about another user will trigger them to cyberbully or hack you personally.

We do not recommend accessing the dark web unless absolutely necessary. It’s a dangerous area of the internet, so access it at your own risk.

Step 1: Download and install a dark web browser

Access to the dark web requires a specific browser. The Tor browser is the most popular tool. It works like a regular web browser but is much slower because of its multiple layers of encryption.

Step 2: Switch to a dark web search engine

Google or Bing won’t help you find anything on the dark web – you will need a dark web search engine like DuckDuckGo. It’s one of the few search engines that index .onion websites – the domain of all Tor sites.

Otherwise, you’ll only be able to navigate to sites if you know their address ahead of time. And these sites don’t have easy-to-remember names – for example, ProtonMail’s onion site can be found on protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion. Would you be able to remember such an address?

Step 3: Think about extra protection

While Tor will encrypt your traffic and hide your IP address, your ISP can still see that you are connecting to the Tor network. Your ISP may get suspicious and decide to throttle your bandwidth.

It may be wise to connect to a VPN server before browsing via Tor (though expect to experience a slower connection). And you should also think about malware protection because getting infected on the dark web is much easier.

Step 4: Visit the dark web sites

Once you have the necessary tools, you can visit dark web sites by adding their domains to the Tor browser’s address bar.

Once again, be cautious about what you download or do on the dark web – everyone is more or less anonymous there, so there is little accountability.

If a user or website you trust turns out to be malevolent and attacks you, you won’t have many options for getting help

On the other hand, using the dark web can be safer for whistleblowers, journalists, or dissidents whose communications are being monitored by governments or other organizations. It depends on who you are, what you’re doing, and how tech savvy you are.

Our general recommendation is to steer clear of it.

Most of the dark web’s bad rep comes from all the illegal trade that’s happening there. Hackers and criminals take advantage of anonymity to sell all kinds of illicit goods and services.

Stolen data

Hackers don’t always attack companies and individuals to use the breached data themselves. They can sell that stolen information on the dark web to other scammers and criminals. You may get a dark web alert if your sensitive information is discovered on the dark web.

Stolen data includes:

• Personal documents (passports, driving licenses, and IDs).
• Credentials to digital accounts (emails, social media accounts, cryptocurrency wallets, streaming accounts, and other services like Airbnb or eBay).
• Mobile phone numbers.
• Payment card details.

You can learn more about stolen data on the dark web in our dark web market case study and research about payment cards on the dark web.

Illegal substances

The Guardian called the dark web markets “the eBay of drug dealing” because drugs are among the most common goods on the dark web marketplaces. They were the most lucrative products on the Silk Road marketplace too. Dark web users can also find and buy other illegal substances, such as banned energy drinks.

Pirated files

Pirated software, movies, books, and other files are shared widely on the dark web. After authorities crack down on pirate websites on the surface web, the platforms often move to the dark web and operate there.

Hacking tools and services

Hackers can sell their tools and services on the dark web.

• A scammer can buy a full-blown phishing kit with phishing email and fake websites templates included.
• A spammer can lend a botnet to distribute spam emails without getting blocked by spam filters.
• A vengeful business can order a DDoS attack on their competitors.
• Anyone lacking the necessary skill can use ransomware as a service or other ready-to-go hacking tools to do the hacking without writing a single line of code.

These are just a few examples of hacking tools and services available on the dark web. Hacking techniques are rapidly evolving, and the hacking business is booming. That’s why cybersecurity is more important than ever.

Other illegal goods and services

Plenty of other illegal goods and services are available on the dark web. Firearms, counterfeit currencies, illegal pornography, human trafficking – you name it. Some things are so horrible that even illicit dark web marketplaces refuse to participate, so interested dark web users would need to go to the darkest places of the dark web to encounter them.

Legal goods

Despite the dark web sometimes catering to criminals, some of the marketplace items are entirely legal. For example, art and jewelry can be found on the dark web (and not necessarily after being stolen). Moreover, any business can sell its products on the dark web.

After all, not everyone buying on the dark web may need something illegal — they may only want to purchase goods anonymously.

Since a big part of dark web businesses is selling and buying stolen data, you may wonder if your data is on the dark web.

The chance that some of your information is on the dark web is high. Too many data breaches happen, with email addresses, phone numbers, and passwords getting leaked every day.

Fortunately, you can use NordVPN’s Dark Web Monitor and NordPass’ Data Breach Scanner to check if your credentials have ended up on the dark web.

You can enable Dark Web Monitor on your NordVPN app by going to “Settings” > “Tools.” When NordVPN discovers credentials linked to the email on your Nord account on the dark web, you will get an alert and see it on your app.

Similarly, Data Breach Scanner will monitor all the credentials and credit card details stored in your NordPass vault.

If Dark Web Monitor or another service notifies you about your data being on the dark web, here’s what you can do:

1. Change your password immediately. Go to the affected account and use a unique and robust combination of letters, numbers, and symbols as your new password. Change the passwords on all the other accounts if the old password was reused anywhere else.
2. Enable two-factor authentication. Even the strongest passwords can be exposed in data breaches, so you should have a failsafe when that happens. 2FA can be that failsafe. If you set up 2FA on your account, your password won’t be enough to access it – hackers will need an additional code or confirmation that you get in a text message, email, or an app.
3. Review your bank statements. Some breached accounts may hold your payment card details. If that’s the case, review your bank statements to see if any unknown transfers or other suspicious activity appear there.
4. Contact your bank. If bank or payment card details were found on the dark web, inform your bank about the possible hack. You can block your payment cards or mark your account as compromised to prevent unauthorized money transfers.
5. Check your device for malware. While it’s more likely that your credentials ended up on the dark web after some online service was breached, the chance that you were hacked personally is never zero. So use an antivirus scanner to check your devices for malicious software.

• Learn to spot phishing emails and fake websites. Besides data breaches, much personal information gets exposed when people click links in phishing emails and enter their data on scam websites. You can avoid exposing your information if you learn how to spot these fake sites.
• Don’t provide more information online than necessary. Online platforms can ask for a lot of information – from your email address to your home address or payment card details. Only provide this information on sites you trust and only when it’s actually necessary.
• Use multiple email addresses. Most email providers are free, so you can create more than one email address. Use one email address for important and sensitive communication, such as work or family-related emails as well as emails from insurance companies or health institutions. Meanwhile, use another email address for less critical data and accounts.
• Create unique passwords for every account. Reusing passwords is one of the worst internet habits. If a tiny website you used years ago gets breached, you may lose data and have your bank details exposed on a completely different platform. Use unique and strong passwords to prevent that from happening.
• Use a virtual private network (VPN). A VPN encrypts your connection to the internet and hides your IP address from the websites you visit. It can prevent third parties from intercepting your connection data, especially on HTTP websites or public Wi-Fi networks.
• Get NordVPN’s additional Threat Protection feature. Threat Protection offers malware protection, preventing malicious software, such as keyloggers or ransomware, from stealing your data.