The dark web can be quite a dangerous place if you do not take the right precautions. You can stay relatively safe with a good antivirus and a decent VPN. However, if you want to be completely anonymous and protect your device you will need a little bit more than that. Below you will find 15 steps that can help you visit the dark web safely. However, do keep in mind that things change quickly and hackers get smarter every day.
- Make sure you’ve got basics down
- Use a mobile live OS (optional)
- Use a VPN to encrypt your internet traffic
- Download Tor from its official website
- Take security precautions
- Forbid scripts in the Tor browser
- Change the security level in the Tor browser
- Check if there’s not an IP-, DNS-, or WebRTC leak
- Be aware of common dark web myths
- Use additional anonymous services
- Avoid logins, subscriptions, and payments
- Know where you’re going
- Use cryptocurrency
- Close everything when you’re done
- Realize that you are never 100% safe
- Consult online guides, blogs, search engines, chat sites etc.
1. Make Sure You’ve Got Basics Down
This may sound boring. But the dark web is a complex place where a lot can go wrong. It is full of scammers, malware and phishing websites. Sometimes it is better to learn by doing. With the dark web, however, this is not the best method. You would rather not infect your computer with malware or lose a lot of money before you understand how it all works. There are more than enough people on the dark web who want to abuse ignorance.
That is why it is important to know exactly what you want to achieve on the dark web before you download the software or start browsing. If you know what you want to do or discover on the dark web you can prepare yourself better:
If you are just looking for something exciting or unusual: Make sure you know how to safely navigate the dark web.
If you are trying to make a profit through Bitcoin or other cryptocurrencies: Make sure you understand how cryptocurrencies work, what the blockchain is and what reliable platforms are for dealing with other users.
2. Use a Live Mobile OS (optional)
Anonymity is the most important thing to protect on the dark web. Not because the dark web is illegal (it isn’t), but because the more anonymous you are – the safer you are. Unfortunately, operating systems like Windows 10 are not very well suited for privacy on the dark web. Windows does the following that do not help your anonymity:
- Your data is continually synced: browser history, open websites, app settings, and wifi hotspots are all tracked
- Your device is automatically linked to a unique advertisement ID for third parties
- Cortana collects data such as: your keystrokes, search results, microphone audio messages, calendar information, music playlists, and even your online purchases
- Microsoft can collect all sorts of personal data: your identity, your passwords, habits and interests, user data, contacts, and locations
If a hacker manages to get into your system via the dark web, all of this information can potentially be exploited by that hacker. Many of these settings in Windows can easily be turned off (though not all!). You can do this by going through the settings in Windows or by using a nifty piece of software like W10Privacy.
A much better idea than going on the dark web via Windows 10 is to use a live mobile OS like Tails, Whonix, ZuesGuard or Qubes.
Tails, Whonix, ZeusGuard, or Qubes
Tails (The Amnesiac Incognito Live System) is a live version of Linux OS that won’t leave any trace of your activity or the OS on your computer. This free OS can be downloaded onto a USB flash drive or DVD. You do not have to install it on your computer. You simply plug in the USB flash drive or insert the DVD when you want to browse without leaving a trace and load the OS. It cannot save cookies on your hard drive unless you personally tell it to.
Tails also has the Tor browser pre-installed. The Tor browser is essential for getting on the dark web and installing Tails on a flash drive saves you the trouble of installing Tor on your PC or laptop.
Alternatives for Tails
Whonix is much like Tails in that it is a live OS that runs next to your regular OS. In other words, you can use Windows, Mac, or Linux and just use Tails or Whonix on the side. Everything you do on Whonix is routed through Tor. The difference is that Whonix runs simultaneously to your regular OS through a virtual machine. This makes logging in and out of the dark web much faster and simpler. It arguably also makes it less safe. Their homepage has detailed instructions.
Qubes OS is a single user, desktop operating system with a bunch of virtual machines running inside it. It only has about 30k users. It is arguably your safest option because the OS is comprised of several different virtual machines. Edward Snowden, for example, uses Qubes OS to safeguard his anonymity.
Live OS do not support VPNs
It is very important to note, however, that many live OS do not support VPNs. This is for a good reason. These types of operating systems run on isolated virtual machines, meaning there is very little to connect it to your identity or anything else on your computer. In this case, having a subscription to a VPN might actually make you more detectable than just using the Tor network. This is because VPNs, in this case, would introduce a permanent entry guard or a permanent exit node. This just means that, ironically enough, the VPN introduces a new method for detection.
- So, when using a live OS –> Use Tor, but not VPN (you can skip step 2 and 3 and go on to step 4)
- When using Windows, Mac, or Linux –> Use VPN and then Tor (go to step 2)
Of course, not everyone feels comfortable downloading and using an entire new operating system. If you choose to not access the dark web via Tails, make sure to follow these next steps.
3. Use a VPN to Encrypt Your Internet Traffic
Even if you use the Tor browser, your traffic can still be traced back to you by anyone with sufficient time, resources, and know-how. In fact, the Tor browser was found to have a vulnerability in 2017 that in some instances leaked real IP addresses. This problem was especially serious for MacOS and Linux users. If these users had taken the precaution to also have a VPN operating in the background, however, their real IP addresses would not have been compromised.
Therefore, it is highly advisable that you use a VPN in addition to Tor while browsing the dark web. VPNs encrypt your web traffic and make sure your IP address is hidden from any hackers or government surveillance, even if there is a leak within the Tor browser. For more information on VPNs, see our detailed explanation. Please be aware, however, that not every VPN provider is equally reliable. Free versions often suffer from slow service, data limits and security leaks. We would recommend using NordVPN as a good VPN that works well with Tor.
- Excellent protection and a large network of servers
- Nice and pleasing application
- No logs
Please take note, however, that many live mobile OS like Tails do not support the use of a VPN. If you are using one of these live mobile OS, you can skip this step of installing a VPN and go straight to taking some extra security precautions.
4. Download Tor From its Official Website
The mobile live OS such as Tails and Whonix already have the Tor browser pre-installed so you can skip ahead to step 4 if you use those. For Windows, Mac, Linux or Android users, however, this is important.
The Tor browser is an interesting target for hackers and government agencies. Fake versions of the Tor browser have been created to either breach users before they even access the dark web or monitor the behavior of a user while on the dark web. The latter approach is especially attractive to government agencies.
As such, you should always download the Tor browser from its official website: https://www.torproject.org/
Make sure you always download the latest version of the browser and keep it up to date at all times. That way, you will ensure you have the latest security safeguards in place.
5. Take Safety Precautions
Before you open the Tor browser, you should:
- Close all non-essential apps on your machine, e.g., Netflix, password managers.
- Stop unnecessary services from running, e.g., OneDrive.
- Cover your webcam with a piece of paper. It is shockingly easy to gain access to your webcam, even without you noticing.
- Have a reputable and fully updated antivirus program installed on your device.
- Install quality and up-to-date anti-malware software. For more general information on malware, see our malware section.
- Turn off your location on your device. Your location can be found through your IP-address as well as your device itself.
- In Windows 10, you can turn off your location from Settings > Privacy > Location > Turn off location + erase location history
- For macOS: System Preferences > Security & Privacy panel > Privacy > uncheck “Enable location Services”
- For Tails or other live OS: you will not have to worry about your location being leaked.
The dark web is crawling with hackers who will seize any opportunity to exploit any detail you may have overlooked. If a hacker from the dark web manages to hack your system, all the apps and services you have running in the background are open to attack.
Essentially, the best way to stay safe on the dark web is to make sure that a potential hacker has little or no information about. This means you should not randomly browse around the dark web or give out personal information. Do not click on any suspicious links. Leave as few traces of your presence as possible. These precautions will decrease the odds of you being targeted.
Once you have opened the Tor browser, do not change the size of Tor browser screen. Oddly enough, this will keep you safer. Moreover, to be on the safe side, never type directly into the Tor browser. Instead type your search out in a notepad and copy past it into the browser. Advanced methods of tracking can identify your specific way of typing.
It also doesn’t hurt to check how well your Tor browser (or your everyday browser for when you’re not on the dark web) is secured against tracking. Panopticlick allows you to check with just one click if your browser is safeguarded against: advertisement-trackers, invisible trackers, so-called “acceptable advertisements” and your digital fingerprint.
6. Forbid Scripts in the Tor Browser
Scripts on websites can be used to keep track of what you’re doing online: they become part of your digital fingerprint. Tor has included a nice feature in its browser to ensure no websites are able to run scripts on you. To activate this, go to the upper right corner of the browser and click on the symbol with the letter “S”. Select the option Enable restrictions globally, and you’re good to go.
It is important to change these settings because websites often run scripts without notifying you. This is especially dangerous on the dark web as .onion-websites are unregulated and there is a lot of malware going around. By blocking scripts, you reduce the chance of your computer getting infected. However, even blocking scripts doesn’t protect you from all harm. Caution should therefore still be exercised when browsing the dark web.
In order to verify if you have successfully forbidden scripts in the Tor browser, look at the “S” in the upper right-hand corner. When there is an exclamation mark next to it, websites could still be running unauthorized scripts. If there is no exclamation mark, you’re safe from any unwanted scripts.
If you want to disable scripts for everyday use in a different browser, you can best do this through an extension.
7. Change the Security Level in the Tor Browser
It is also possible to increase the security level of the Tor browser itself. You can do this by clicking the Tor logo in the upper left-hand corner. Now select Security Settings. A window will pop up, enabling you to change the security level from medium to high.
Tor has included this security setting with the exact intent to safeguard its user from the many sites on the dark web that might try to take control over your device or spread malware. This setting is nevertheless restrictive as it does not allow you the unlimited browsing experience of the dark web. In the end, it is a decision between safety and access. We recommend sticking to the highest security setting.
8. Check if There’s an IP,- DNS-, or WebRTC Leak
It is possible that even after all of these safety precautions you are still running an IP- or DNS-leak. What this means is that through some kind of bug or leak, your IP-address is still traceable for third parties. WebRTC is incorporated into most browsers to allow real-time communications like voice and video calls. This allows you to talk straight from your browser by using your webcam, microphone or headset. The problem is that most voice calls are sent through a peer-to-peer connection, which requires your exact IP-address. So, if you are in Google Chrome, for example, and you have WebRTC running, your actual IP-address will be revealed even when you are using a VPN. This problem is especially prevalent with Google Chrome. To subvert this feature, you can install this Chrome extension.
To check if your connection is truly anonymized, go to the following websites:
On these pages you can see if your real IP-address is visible. All of these websites essentially do the same thing. At the top of the page your public IP-address is visible and underneath it is your location. If your VPN is working properly, your real address and IP-address won’t be visible anywhere on the page.
9. Be Aware of Common Dark Web Myths
There are many myths about the dark web. Being aware of them will give you a better perspective of what you can expect and hope to do on the dark web. By being aware of these myths you are less likely to fall prey to a hacker or scammer. These are some of the most common myths:
|All cybercrime takes place on the dark web||Most cybercrime takes place on the regular web|
|The dark web is massive||Compared to the deep web, the dark web is relatively small. The deep web is comprised of academic databases, banking portals, corporate data, company networks, webmail accounts, and much more. This is far larger than the 250.000 to 400.000 websites that exist on the dark web|
|The dark web is only for Tech pros or nerds.||If you take the right precautions, anyone can get on the dark web relatively safely. The Tor browser, VPNs, and Tails or other live OS are available to anyone and are not too difficult to use for a beginner|
|The dark web is illegal||The dark web itself is not illegal. The Tor browser that you need to access the dark web; however, uses very strong encryption that is illegal in some countries. As such, the dark web is indirectly illegal in some countries. These countries tend to have more far-reaching internet restrictions anyway. These are countries like China, Russia, Belarus, Turkey, Iraq, and North-Korea|
|Anything you can do on the dark web is illegal||The dark web itself is not illegal, nor is everything that happens on there illegal. Whether or not something is illegal on the dark web depends on the country from which you access the dark web. For clarity’s sake: just apply this rule of thumb: if something is illegal in the country you’re in, it will also be illegal to do that same thing on the dark web. So, if it’s illegal to sell drugs offline, it’s also illegal to sell drugs on the dark web. When in doubt, always be sure to find out what is legal and what is not|
10. Use Additional Anonymous Services
Anonymous search engines
For a good private search engine, you can use the search engine DuckDuckGo instead of Google. While most search engines won’t work on the dark web, DuckDuckGo does. The onion address for it is https://3g2upl4pq6kufc4m.onion/
Secure passwords are even more important on the dark web than on the regular (surface) web. If you don’t want to go through the hassle of coming up with a decent password every single time and safely storing them you can get a good password manager. Two good options are Bitwarden and LessPass. Both are free and open-source. The best option is to load these services via their website.
If you are going to download or upload files on the dark web it might be a good idea to get them encrypted. A reliable, free, and open-source encryption tool is PeaZip. This tool supports 181 different file-types. Unfortunately, PeaZip isn’t available to macOS users. An alternative for Mac users is Keka.
If you want to share files anonymously then OnionShare is a very good option. It is available for Windows, macOS, and Ubuntu. Dropbox and other file-sharing software like it are notorious for not respecting the privacy of its users or data. With OnionShare you can share files of all sizes through a webserver. An alternative is Firefox Send. Although it was designed by the creators of Firefox, you can also use it outside of the Firefox browser. With this service you can share files up to 1 GB, or 2,5 GB per upload if you create an account – which we do not recommend.
Anonymous office services
If you’re looking for an alternative to Google Docs with better security, have a look at Etherpad. This software is completely open-source and you do not even need an account to use it. Another option is Cryptpad. You can use it to write texts, create spreadsheets, or make flashy presentations. Only people who are given the access keys can gain access to a file.
For (video)calling there are number of good services available such as Linphone or Mumble. Linphone is free and open-source, it can be used for Windows macOS, IOS, Android, and GNU/Linux. The software has end-to-end encryption. Mumble is a little different. It is designed specifically for gaming, doesn’t keep any logs and also doesn’t record any conversations. It doesn’t have any end-to-end encryption though. The software is available for Windows, macOS X, IOS, and Ubuntu.
Sending anonymous messages
Ricochet or Signal provide more secure means of text messaging than your standard messaging app. Another good option is TorChat. This application is part of Tor and allows you to chat with anyone also using it. You don’t need to register. TorChat automatically assigns you a numerical ID that you have to send to the other person you wish to talk to. You can do this by telling the other person directly (face to face) or by sending your ID number through an encrypted email (see next step). This will allow a great degree of anonymity when chatting you cannot generally get anywhere else.
Sending emails safely and anonymously
A highly praised online email service is ProtonMail. Their mail accounts have standard end-to-end encryption. Emails sent through Gmail or Hotmail are generally easy to intercept and/or decipher. Encrypted email services are a much safer option. These services do tend to have more rigid data limits. So if you plan to exclusively use encrypted email accounts, then you might want to create more than one. Here is a list of encrypted email providers.
It is also possible to create a temporary email address(a so-called burner). The advantage of this is that you can create an online account on any website, confirm your registration and then never worry about getting your inbox bombarded with useless emails from said website. Some well-known temporary email address providers are: TempMail, 10minutemail, and Guerrillamail.
If you really do not want to switch to a different email address for you dark web browsing, then at least make sure your standard email account gets some extra protection through PGP (pretty good privacy). This can be done by adding an additional service on top of your regular email account like Mailvelope. This service works with providers like Gmail or Hotmail, and many more. Please be aware this option is less safe than a temporary email address or an encrypted email address. A lot of information about you can be backtracked through your regular email address.
11. Avoid Logins, Plugins, Subscriptions, and Payments
If you wish to browse the dark web safely, anonymity is your best option. Should you choose to log into certain user- or bank accounts, your anonymity will be compromised. It is never a good idea to log into your online bank account while on the dark web. Once you are logged into a user account, every activity on that website can be attributed to that profile, Tor or not. Therefore, it is best to not log into any profile or account while surfing the dark web.
However, some websites require you to have an account to get access. In this case, you can create a randomized and disposable email address, create an account that is not in any way identifiable to you personally and use this account to browse the website. Creating a user account that cannot be traced back to you means not using your name, birthday, hobbies, interests, location, etc. The more random and anonymous it is, the better. For more help on how to create a secure password, take a look at this guide.
Most people use at least a few plugins in their browsers. Many of these plugins can gather personal information about you, your location, and your online behavior. Therefore, it is better not to have these enabled while searching the dark web.
12. Know Where You’re Going
The dark web is not equipped with a regular search index such as Google. You have to know where you want to go before you get onto the dark web. This means having specific URLs ready in order to get to the right pages. It is not wise to randomly visit websites, as it is easy to arrive somewhere you do not want to be. The dark web hosts some of the most unsavory elements of the internet, such as child pornography sites.
In order to have some sense of direction on the dark web, there are directory sites that can aid you in finding what you want. One of the most common places that many first-time users visit, is “The Hidden Wiki“.
Other good places to help you navigate the dark web are:
13. Use Cryptocurrency
The dark web features a variety of marketplaces (most famously the now defunct Silk Road). Many of these marketplaces are likely to sell items that are illegal in your country. You should thus be careful and mindful of your country’s laws before purchasing anything on the dark web.
However, not everything for sale on the dark web is illegal. And it is also possible you may want to buy something legally, yet anonymously. Not everything you buy should necessarily be public knowledge. All financial transactions on the dark web go through cryptocurrency rather than regular bank transfers or credit cards. This is to ensure anonymity for both you and the seller.
Bitcoin tends to be the first name that people think of when they hear cryptocurrency. It has a well-known name and is often seen as safe, reliable, and anonymous. This is not entirely true, however. Bitcoin has a number of privacy issues such as address reuse, connected nodes, tracking cookies, and blockchain analytics. This means that it is possible for someone to link your personal information to a transaction. As such, a preferable option is to use a privacy-focused coin. Two of the most popular are Monero and Zcash, though there are other options available as well. A good overview can be found here.
Before you buy anything on the dark web though, make sure you are aware of country’s laws and how cryptocurrencies work.
14. Close Everything When you are Done
When you finish browsing the dark web, make sure to close all of your browser windows and any other related content. If you used Tails, shut down the operating system and go back to your regular OS. To be on the safe side: do a quick reboot.
15. Realize That you are Never 100% Safe
Even if you faithfully follow all of the previous steps, you are still not guaranteed complete safety on the dark web. You can unintentionally give out personal information or click on a corrupted link. Hackers are constantly finding new ways around security systems and settings. Nor will any of the previous steps keep you safe from compromised hardware. If your computer hardware is infected with some type of malware, any internet use is already compromised. In short, there is a lot you can do to improve your safety on the dark web, but nothing is ever foolproof.
16. Consult Online Guides, Blogs, Search Engines, Chat Sites etc.
Finding your way on the dark web can be quite difficult. That’s why we have collected a few resources you can use to help you further along. You do not have to rely on directories alone. Please be aware, these sites may contain dodgy characters or even outright malware. Nothing on the dark web is ever really safe. Trust no one, use your common sense, and enter at your own risk.
With this guide you can stay relatively safe when visiting the dark web. However, as mentioned before, the dark web remains quite tricky. It can take a lot of effort to get onto the dark web and once you are there you probably won’t be able to visit a lot of websites. We recommend reading a lot about the dark web before attempting to visit this part of the internet. Finally, if you are unsure about what to do on the dark web, you might as well stick to websites on the surface web.
Do you need a quick answer to a question? Here are some frequently asked questions and answers about the Dark Web and how to access it.
To visit sites on the Dark Web you must use the Tor-browser. This is a browser that allows you to visit special Dark Web URLs.
You can download the Tor-browser just like any other browser from a website. In the case of the Tor browser, this is www.torproject.org.
A Dark Web website is a website that has a .onion extension in its URL. These are only accessible through the Tor-browser. In the media they often talk about Dark Web websites as being websites where illegal things take place, but this is not always the case.
A Dark Web site is a website with the .onion extension in the URL. These can be found on the Hidden Wiki or via the DuckDuckGo search engine.
The Hidden Wiki is a wiki page with several links to Dark Web websites.
DuckDuckGo is a search engine (just like Google). DuckDuckGo doesn’t keep track of your usage and also shows .onion websites in its results.