Proton Mail has just unveiled a new Dark Web Monitoring feature in a bid to bolster its security capabilities against widespread data breaches.
Incidents of data leaks are reportedly on the rise, as billions of people's credentials are exposed. The longer this sensitive information remains on the web, the easier is for cybercriminals to exploit it to their advantage. This new tool from Proton seeks to challenge this. By identifying and alerting you as soon as your credentials appear in a breach, you will be able to take action before bad actors get to them.
Already one of the most secure email providers on the market, Proton Mail now claims to be the first email service to combine end-to-end encryption and dark web monitoring protections. The new feature is now available on its web and desktop apps, but only for paid subscribers.
Encryption alone isn't enough
As the Head of Anti-Abuse & Account Security at Proton, Eammon Maguire, explained, the dark web is filled with leaked information, data, and credential dumps—and that's something that not even the strongest end-to-end encryption alone cannot protect against.
Take the data leak that occurred in January this year, for instance. Dubbed the "Mother of all data breaches," it unveiled a 12TB database that contained more than 26 billion records. It is the largest data breach to date. One of the best VPN providers, Surfshark, has analysed data breach records from 2004 onwards, and calculated that 3,353 accounts have been breached every minute in the first quarter of 2024—a considerable jump from the end of last year's average of just 627.
The owners of this leaked data are often unaware, yet cybercriminals are busy trading their sensitive details to launch identity fraud and other attacks. By taking advantage of the fact that most people may reuse their passwords on multiple accounts, criminals often execute what's known as a "credential stuffing attack." They enter thousands of these stolen passwords and email addresses across various platforms on the lookout for a potential match.
"While data breaches of third-party sites leading to the leak of personal information (such as your email address) can never be entirely avoided, automated early warning can help users stay vigilant and mitigate worse side effects such as identity theft," said Maguire.
That's exactly when Proton Mail's new Dark Web Monitoring tool comes in—a way for you to react as quickly as possible in case your credentials are being exposed.
The feature regularly scans all the corners of the dark web, which is exactly the section of the internet where your stolen personal information ends up. It looks for email addresses, passwords, and any other personal details linked to your account.
Proton will alert you in case it finds leaked details of any of your accounts for third-party websites. You'll receive comprehensive information about the breach and the data compromised. The provider will also suggest the steps to take to safeguard your digital identity and mitigate potential risks.
Stay safe from cyber threats!Dark Web Monitoring is available to all paying users of #ProtonMail. If you register for an online service that gets hacked or suffers a #databreach, Proton will now alert you, so you can take immediate action. 1 / 2 pic.twitter.com/qijm01eV3eApril 22, 2024
Proton’s dark web detection tool relies upon the company's very own threat intelligence datasets alongside data coming from a leading firm in digital threat management, Constella Intelligence.
The provider promises that no user data is ever shared with third parties to do this. However, Maguire explained the team does analyze reports "from third parties any time they find leaked information or data stolen in a hack from a third-party online service that’s tied to a Proton Mail email address or a Proton Pass/SimpleLogin alias."
Now available for paid subscribers on the web and desktop apps, Proton Mail Dark Web Monitoring can show all known breaches that have affected your accounts over the last two years. Those that carry a higher risk to your privacy are marked with red, while those where fewer details have been compromised are marked with orange.
Maguire said that Dark Web Monitoring will soon send notifications also to your Android or iPhone device so that you can take action even quicker. The plan is also to extend the data to watch out for, including custom domain emails and external email addresses you used to register to its Proton VPN, Proton Pass, and Proton Drive.
He said: "You may not be able to avoid data breaches, but thanks to Dark Web Monitoring and other Proton security features, you can mitigate risks and stay in control of your digital identity."
In case you believe to be particularly at risk of cyberattack, we also recommend checking out its Proton Sentinel program which is available for all Unlimited, Family, and Business subscribers.
