Detection of Dark Web threats targeting VIPs



The Utimaco Deep Dark Web System (DDWS) is an innovative Digital Risk Protection & Dark Web monitoring platform that automates the monitoring of the surface, deep and Dark Web. This tool aims to protect companies, organizations (police and/or Law Enforcement Agencies (LEAs)), or individuals/VIPs from becoming potential targets of criminal activities such as fraud or cybercrime.


High-profile public figures (VIPs) such as celebrities or politicians face heightened risks from cyber-attacks due to increased digital exposure. Whether an individual is a politician traveling to a high-risk area abroad, or an employee from a public office being targeted by a phishing attack, it is an organization’s responsibility to detect, act on, and prevent Dark Web threats.

The challenge

When it comes to personal protection, physical security is no longer the only factor that needs to be considered. It’s critical to know when social media accounts of VIPs are hacked or fake accounts are created in an attempt to discredit their persona and/or gain access to sensitive personal or classified information.

VIPs are highly susceptible to business email compromise (BEC) and other targeted data breaches, as shown in the examples below.

Other threats (digital and physical) involve elements of online activity, requiring security teams to augment on-the-ground personnel with cybersecurity tools and intelligence. It is time to hire not only bodyguards, but also cyber-guards.

Most common examples


Doxxing

Doxxing is the act of breaching an individual’s personally identifiable information (PII) on the web for malicious purposes. Nowadays, politicians and other public figures are often targeted as a form of online harassment or hacktivism. The PII can include the individual’s home address, phone numbers, emails, SSN, social media handles, financial data, and family members’ PII. Doxxed information can be used to leverage other attack strategies, like BEC scams.

Online threats

Online threats such as cyberstalking involve stalking or harassing an individual, group, or organization. This may include false accusations, defamation, slander and libel. It may also include monitoring, identity theft, threats, vandalism, solicitation for sex, doxxing, or blackmail.

Account takeover

Account Takeover (ATO) is an attack whereby cybercriminals take ownership of online accounts using stolen passwords and usernames. Cybercriminals generally purchase a list of credentials via the Dark Web, typically gained from social engineering, data breaches and phishing attacks. They use these credentials to deploy bots that automatically access travel, retail, finance, eCommerce, and social media sites to test password and username combinations and attempt to log in.

BEC – Business E-Mail Compromise

Business email compromise (BEC), also known as email account compromise (EAC), is one of the most financially damaging online crimes. Here are some examples of BEC scams where a cybercriminal sends an email message that appears to come from a known source:

  • A vendor that a company regularly deals with sends an invoice with an updated mailing address.
  • A company CEO asks their assistant to purchase dozens of gift cards to send out as employee rewards.
  • A homebuyer receives a message from their title company with instructions on how to transfer their deposit payment.

All of the email messages were fake, although the victim was convinced that he/she was conducting a legitimate business transaction. Upon transfer, the funds are steered to a bank account controlled by the organized crime group.

The solutions

With DDWS, Utimaco provides customers with a turn-key solution with the ability to search across Dark Web data sources to gather intelligence-related data. The data sources are constantly maintained and updated, and new data sources are continuously added. Access to these data sources will allow authorities to gain a comprehensive understanding of the Dark Web's activity and trends. This is accomplished through a user-friendly GUI which allows for the customisation of process flows, alerting and reporting to benefit an OSINT mission.

DDWS provides fully automated and detailed access to political (left or right-wing) forums, where politicians are mentioned and potentially threatened. Our solution enables the user to protect VIPs by rapidly identifying and remediating cyber and physical risks across an organization’s publicly accessible attack surface.

Key takeaways

  • VIPs such as public figures, celebrities, or politicians face heightened risks from cyber-attacks, as a result of increased digital exposure and risk.
  • Searching, monitoring, and investigating the Dark Web without the right tools can be nearly impossible. Often this is done manually, which is extremely time-consuming. Or, it can be done by using multiple tools, resulting in complicated workflows and the inability to connect the dots.
  • DDWS gives users access to unindexed deep and Dark Web sources where current VIP vulnerabilities are discussed and published. DDWS enables the secure storage of data and the communication of information to those who are affected.
