See if your information has been exposed in a data breach with our latest free tool Check Now

Dark Web Statistics: A Hidden World of Crime and Fear

Niek has worked at Eftsure for several years and has developed a clear understanding of the cyber threat landscape and the controls Australian businesses put in place to combat these threats.

The dark web has been known to be an unsafe place to conduct business, but do you know just how big of a threat it really is? The dark web has emerged as an important hub of criminal commerce, a fully functional marketplace where customers can buy from sellers without fear of reprisal.

Although it fosters a black market for illegal activities, the dark web’s anonymity has ensured that many law enforcement agencies remain largely unaware of its existence and impact on law enforcement activities in their jurisdictions.

Essentially, illegal activities are linked to targeted attacks on any size company. If you want to keep your business safe from these threats, be sure to check the dark web statistics that every business executive needs to know!

Author’s Top Picks

  • The number of dark web listings that could harm an enterprise has risen by 20% since 2016.
  • A stolen credit card sells for just $25 on the dark web.
  • In 2019, Evite experienced a data breach that compromised the personal information of more than 10 million Evite users.
  • About 65% of active criminal gangs rely on spear phishing powered by dark web data to launch attacks.

Dark Web Statistics

1. The number of dark web listings that could harm an enterprise has risen by 20% since 2016.

A recent 2019 study conducted by Dr Michael McGuires at the University of Surrey, Into the Web of Profit, demonstrates that listings on the dark web have increased by 20%. Of the 20% listings, potential threats against companies can involve malware, phishing, brute force, or trojan attacks.

2. According to Privacy Affair's Dark Web Price Index 2021, Cloned credit card with a PIN cost anywhere between $25 to $35 dollars.

The dark web isn’t indexed by regular search engines; it’s a marketplace for criminals to commit their crimes. Furthermore, some users are tempted to buy stolen credit cards or other sensitive financial data in order to make a quick profit. Scammers typically use the information they gather about people to target large companies.

3. Scientists and Experts that 96% of the Internet is hidden of which 90% is considered to be the Deep Web and the rest 6% is the darkest part of the web.

The Dark Web is the least accessible area of the Internet, shrouded in mystery. One will need to download and use the TOR browser to access it. At the initial time of its development, it was created for the U.S. defence organisation to send and receive the privacy information from their spy through an anonymous IP address. Now, Tor Browser is mostly used for only Darknet surfing and activities.

4. The dark web has grown over 300% since 2017.

Bitcoin has caused the increasing usage of cryptocurrencies among those who use the dark web. Many on the dark web trade cryptocurrencies by way of their personal wallet IDs. This way, buyers and sellers can easily purchase illegal goods and services from major black markets accessible through the dark web.

5. A few Fortune 1000 executives had their data exposed and posted on the dark web in 2020.

There are 25.9 million breached Fortune 100 business accounts and 543 million compromised employee credentials out there and according to a breach exposure report. The main cause was how employees recycle passwords across professional and personal accounts. Most of these data breaches are usually caused by insider threats or phishing scams.

6. 60% of the information available on the Dark Web could potentially harm enterprises.

The dark web is a popular place for criminal activity. Hackers who access the dark web can be found exchanging illicit products such as drugs, firearms, fake documents, and stolen credit card information. Additionally, hackers can organise targeted cybercrime against businesses through malware or phishing attacks.

7. A stolen credit card sells for just $25 on the dark web.

The price index from the dark web showed that cloning a credit card with a PIN number only costs about $25. There are more listings from the dark web than you would think. Individuals can find even cheaper listings when purchasing stolen credit cards or PayPal accounts.

8. 80% of consumers have had their emails leaked on the dark web.

Other than what’s sold on the dark web market— mainly illicit drugs—80% of people’s emails are exposed. Data leaks are the primary reason why most of the stolen online banking information is stored on the dark web.

9. $1,010 could be enough to buy a person’s identity.

According to the Privacy Affairs Dark Web Price index, a criminal could potentially buy enough personal data to claim someone’s identity for a little over $1,000. One of the benefits of using the dark web is users can remain anonymous.

Deep Web Statistics

10. The deep web makes up over 90% of the total internet space.

The parts used to divide the web are the Surface Web, the Deep Web, and the Dark Web. Surface web users, who navigate to sites like Google, Amazon, or Facebook day-to-day, are a small percentage of those who actually use the web.

The Deep web is made up of 90% of networks and data centres that aren’t indexed or searchable by common search engines. Consequently, 0.01% of the web is considered the dark web which requires a TOR network.

11. Deep Web content is slightly harder to find, 95% of those pages, videos and images are completely free to access.

Although Deep Web content is slightly harder to find, 95% of those pages, videos and images are completely free to access. Unlike the dark web, the deep web is usually harmless and can be accessed by anyone with a standard web browser.

The reality of cybercrime is that consumers and enterprises are more likely to experience ransomware attacks or phishing attacks from clicking on malicious web links than exploring the deep web. No matter which part of the web users explores, any internet activity must be taken with precaution.

13. Over 30,000 websites are hacked every day on the Deep Web.

Today, automated programs scour the internet to find websites with vulnerabilities that allow cyber criminals to get in and steal customer data. So where there is a vulnerability, cyber criminals will take advantage and do as they please.

Untold Stories

14. In 2019, Evite experienced a data breach that compromised the personal information of more than 10 million Evite users.

All in all, the darknet is the destination for illegal drug activities and suspicious criminal behaviour. One dark web fact is the case of Evite in 2019, 10 million Evite users had their data compromised in a major security breach. The cyber criminal who was orchestrating the ransom attack requested 1900 in Bitcoin. Evite did not comply and therefore, ended with all personal data being sold on the dark web.

15. The largest credential file to ever hit the dark web at once was the RockYou2021 password leak.

RockYou2021, a text file of approximately 100GB in size containing an estimated 8.4 billion passwords, was uploaded to a popular hacker forum by an anonymous user. In light of this, it’s not a stretch to say that cybercriminals spend a lot of time trying to acquire passwords for nefarious purposes through countless data breaches or ransomware attacks.

16. The Silk Road 2.0 takedown revealed sales of over 9.5 million in bitcoin.

Silk Road was an online black market and the first modern darknet market that allowed users to transact Bitcoin. It was operated as a Tor hidden service that allows the user to remain anonymous. According to reports, Silk Road 2.0 made over 9.5 million in Bitcoin from illegal transactions.

17. Dark web market spending hit new records in 2020.

At the height of the pandemic, the number of cyber-criminals and those on parts of the deep web taking advantage of the world at that time set records, according to the Secure World report. It is clear that cybercrime is big business: revenues from Darknet Markets are around $1.5 billion.

Crime Statistics

18. One site alone generated an estimated $219 million in annual revenue as of 2017, according to a new NIJ-supported report by the RAND Corporation.

The criminals of the dark web rely on technology that conceals transactions and crimes with an assortment of contraband, including drugs, weapons, and bombs. The criminal related side of the darknet uses anonymous technology to keep law enforcement agencies unaware of what’s happening.

19. On average, it costs just $120 for a hacker to steal your bank login information.

Criminals and hackers on the dark web have an array of resources, from weapons to cryptocurrencies, from private health information to drugs, that they offer to interest buyers. Popular dark web listings involve purchasing and selling sensitive data on the market for as little as $120. And an all-too-common request involves obtaining sensitive business data, via Business Email Compromise (BEC) attacks.

20. The demand for malware creation on the Dark Web exceeds supply by 3x.

The Dark Web is host to a plethora of hacker forums and marketplaces that offer malware, exploits, DDoS and hacking services etc. These products and services are bought through Darknet marketplaces that mimic legitimate electronic marketplaces. Currently, malware becomes tougher as cyber defences harden. Examples of malware that were discovered on the dark web include MACSPY, MacRansom, Karmen Ransomware RaaS, and more.

21. Malware software is often sold on the Dark Web. A set of premium malware tools can cost up to $6,000.

People looking to commit cybercrime or illegal activities often purchase malicious software through the darknet marketplace. Websites and forums related to this are emerging as something that’s caught a lot of interest among many with their low prices. These tools are powerful enough to take down a website or disrupt a business.

22. As COVID-19 continues, IntSights researchers have observed an increase in cybercrime activity in dark web forums.

There has been an increase in security measures on businesses in the form of both upgrading defence systems and using technologies like Dark web monitoring. Corporations can check the employee database if they’re at risk.

23. There is a cyberattack every 39 seconds.

On average, 2,244 computers are compromised per day. The dark web is not the only source of threats, though. Numerous factors contribute to statistics on computer hacking, including computer users with easy-to-guess passwords or cyber security vulnerabilities in companies.

24. About 65% of active criminal gangs rely on spear phishing powered by dark web data to launch attacks.

If a bad actor gathers information about their target like email addresses, personally identifying information, and other details from dark web markets and credential dumps, it will make the attack much easier for them to launch.


The Dark Web is a branch of the Deep Web which is purposely hidden and is not indexed by traditional search engines. The dark web can only be accessed by means of specialised software, such as The Onion Router (TOR). TOR is a tool both as a browser and a type of connection that provides you access to the Dark Web.

The Deep Web refers to any part of the Internet that is inaccessible to conventional search engines like Google or Bing and makes up over 90% of the Internet. The Deep Web is often used by the military, journalists, or whistleblowers. However, the Dark web is 0.01% of the deep web has found people using this part of the web for illicit or illegal activities.

Simply going to the Dark Web, or accessing the dark net, is not a crime. You would only be breaking the law if you purchase illegal items or perform illicit services.

According to the RAND report it’s estimated, that over half of the sites on the dark web are linked to criminal activity. The illegal actions include drug trades, crypto currency transactions, weapon purchases, and malware scams.

Unfortunately, many illegal activities on the dark web are aimed at businesses with low to nonexistent cyber security. It is risky for organisations of all sizes, locations, and industries to remain unsecured. Additionally, following an attack, any stolen data can be traded and reused in the future.

Subscribe to our blog

Subscribe to the eftsure blog to receive updates when we post.

The new security standard for business payments

Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.