End-User Guide
Degarmo Technologies · Dark Web Monitoring
Dark Web ID
Employee Alert Guide
Degarmo Technologies monitors the dark web 24/7 for your organization's stolen credentials. If your work email or password appears in a data breach, you'll receive an alert and specific instructions. This guide explains what it means, what to do, and how we protect you.
🔍
Important: If You Received an Alert
Jump to Section 03 (Page 5) for immediate action steps. Time is important — the sooner you change your password, the safer you are.
Employee Reference Guide
July 2026
Contents
What's Inside
Dark Web ID is a continuous monitoring service that watches criminal marketplaces, hacking forums, and breach databases — looking for your organization's credentials before attackers can use them. This guide explains the program, what an alert means, and exactly what to do when you receive one.
01
What Is Dark Web Monitoring?
How your credentials end up on the dark web — and how we find them
Pg 3
02
What an Alert Looks Like
What to expect when Degarmo notifies you of a detected compromise
Pg 4
03
Immediate Action Steps
Exactly what to do — in order — when your credentials are found
Pg 5
04
Password Best Practices
Creating strong passwords and using a password manager
Pg 6
05
How We Protect You Going Forward
What Degarmo Technologies does continuously on your behalf
Pg 7
06
Quick Reference & Contact
The key steps at a glance and how to reach Degarmo Technologies
Pg 8
Section 01
What Is Dark Web Monitoring?
How stolen credentials end up in criminal markets — and how we find them first

The Threat: Credentials for Sale

The dark web is a hidden part of the internet inaccessible through normal browsers — a sprawling network of criminal marketplaces, hacking forums, and data exchange sites where stolen information is bought and sold. Every day, thousands of username and password combinations land in these markets — and your work email address could be among them through no fault of your own.

24B+
username/password combos
found in criminal markets (2025)
22%
of breaches caused by
stolen or compromised credentials
550×
larger than the
surface internet

How Does This Happen?

Here's the important part: your organization's own systems may be completely secure — and your work credentials can still end up on the dark web. This happens through third-party breaches: when another service you've used your work email address to sign up for gets hacked.

You use your work email on a vendor portal, conference registration, or subscription service
That third-party site is breached — your email + password are stolen
Criminals sell or share the credentials in dark web marketplaces
Attackers try those credentials to log into your work accounts
💡
This Is Not Your Fault
Credential breaches from third-party sites are extremely common and affect nearly every organization. Receiving a Dark Web ID alert does not mean your computer was hacked or that you did anything wrong. It means our monitoring found your information before criminals could use it against you — which is exactly what the service is designed to do.

How Dark Web ID Finds Your Credentials

Degarmo Technologies uses Dark Web ID to monitor your organization's email domain around the clock. The system scans hundreds of criminal forums, data dump sites, paste sites, IRC channels, and peer-to-peer networks — executing over 10,000 targeted searches daily — looking for any appearance of your organization's credentials. Every potential match is validated by human analysts before an alert is generated, ensuring that what you receive is accurate and actionable.

🔄 Always-On Monitoring
Dark Web ID monitors 24/7/365 — automatically, in the background, without any action required from you.
✅ Human-Validated Results
Every potential match is verified at least twice by security analysts before an alert reaches your team. No false alarms.
Section 02
What an Alert Looks Like
Recognizing a legitimate Dark Web ID notification from Degarmo Technologies

When Dark Web ID detects your credentials in a data breach, your IT team and/or Degarmo Technologies will notify you. Below is an example of what that notification may look like. The content of your actual alert will vary based on what was found.

🔐
Security Alert: Compromised Credentials Detected
Dark Web ID · Monitored by Degarmo Technologies
⚠ Action Required Detected: Jul 4, 2026 Source: Third-Party Breach

Hi Alex,

Our 24/7 dark web monitoring system has detected that your work email address appears to have been included in a recent data breach. This does not mean your organization's systems have been compromised — this appears to be a third-party breach from an external service.

What Was Found
Email address:
alex@yourcompany.com
Breach source:
Third-party vendor portal (2024)
Data exposed:
Email address, Password (hashed)
Detected:
July 4, 2026 at 3:14 AM

Immediate action required: Please change your work email password now, and update your password on any other accounts where you used the same credentials.

Change My Password →
Contact IT Support

Key Things to Know About This Alert

✅ This Is a Legitimate Message
Credential alerts from Degarmo come from a consistent, known address that your IT team will confirm. If you're ever unsure whether an alert is real, contact your IT team directly — don't click links in the email.
🕐 Act Quickly But Don't Panic
The sooner you change your password, the smaller the window of risk. That said, early detection is the best-case scenario — it means attackers haven't had time to use these credentials yet.
📋 Scope May Be Limited
The alert will tell you exactly what was found: your email address, whether a password was exposed, and where the breach originated. Not all breaches expose passwords — some expose only email addresses and other contact info.
🔒 Your Organization Was Not Hacked
In most cases, your organization's own systems are fully secure. The breach came from an external site where your work email was registered. Dark Web ID found this before attackers had the chance to exploit it.
Section 03
Immediate Action Steps
Exactly what to do — in order — when you receive a credential alert
⚡ Start Here: Your Credential Checklist
Work through these steps immediately after receiving an alert. Complete them in order — each one closes a specific window of risk. Check each item as you go.
You're Not Alone in This
Degarmo Technologies is monitoring your organization continuously. If additional breaches are detected, you'll receive updated alerts. Our team is available to help you through the response process — don't hesitate to reach out.
Section 04
Password Best Practices
Creating passwords that protect you — even when a breach occurs somewhere else

No security tool eliminates breaches — but strong password hygiene significantly limits their impact. When a breach occurs and only one unique password is exposed (rather than a password you've reused across dozens of accounts), the damage is contained to a single site. Here's how to build that habit.

Password Strength Guide

How Quickly Can a Password Be Cracked?
password123
Weak
Cracked in: seconds
P@ssw0rd2024!
Moderate
Cracked in: hours to days
BlueMountain!Coffee#42
Strong
Cracked in: centuries
Xk$9mP#qL2!vBnR7&Tz
Strongest
Cracked in: billions of years

The Three Rules of Strong Passwords

1
Make it long (12+ characters minimum)
Length is the most important factor in password strength. A 20-character password made of random words is exponentially harder to crack than an 8-character password with symbols. Use a passphrase: three or four random words combined (e.g., BlueMountainCoffeeBridge!) is both memorable and very strong.
2
Make it unique — one password per account
This is the single most impactful rule. When you reuse passwords, one breach can compromise dozens of accounts. A unique password on every account means a breach of one site affects exactly one site — nothing else. A password manager makes this practical.
3
Add Multi-Factor Authentication
MFA means that even with the correct password, an attacker can't access your account without also having your phone or hardware token. Enable MFA on your work accounts and any personal accounts with sensitive information (email, banking, etc.).

Using a Password Manager

A password manager is software that generates, stores, and auto-fills unique, complex passwords for every account you use. You only need to remember one master password — the manager handles everything else. Your IT team or Degarmo Technologies can recommend the right option for your organization.

✅ Benefits
Unique password for every account · No more password reuse · Auto-fills login forms · Accessible on all devices · Often includes breach alert notifications
🔐 How It Works
Set one strong master password → Manager generates a unique 20+ character password for each site → Stores them encrypted → Fills them in automatically when you log in
⚠️
Never Share Passwords — Ever
No legitimate IT team, help desk, or service provider will ever ask for your password. If anyone requests your password by email, phone, or chat — even someone claiming to be from Degarmo Technologies or your company's IT department — decline and report it immediately.
Section 05
How Degarmo Protects You Going Forward
What happens behind the scenes — 24/7 — on your behalf

Dark Web ID runs continuously in the background — you don't need to do anything to keep the monitoring active. Here's what Degarmo Technologies does on your behalf, every single day.

Our Continuous Monitoring Coverage

💬 Criminal Forums & Chatrooms
We monitor 500+ private IRC channels and hidden forums where hackers share and sell stolen data — often before that data becomes widely available on public markets.
🌐 Dark Web Marketplaces
Criminal storefronts on the dark web where credentials are bought and sold by the millions. We search these continuously for your organization's email domain.
📋 Data Dump & Paste Sites
Sites like Pastebin and dozens of others where hackers post stolen credential files publicly. We scan over 600,000 private websites and data dumps daily.
🤖 Botnet & Malware Data
Command-and-control servers used by malware to harvest credentials from infected devices. We identify credentials stolen this way and alert your team before they're exploited.

The Monitoring Workflow

1
Continuous, automated scanning
Dark Web ID executes over 10,000 targeted searches daily across criminal networks — looking specifically for your organization's email domain and associated credentials.
2
Human analyst validation
Every potential match is reviewed and confirmed by security analysts at least twice before any alert is generated. This ensures that what reaches you is accurate, verified, and actionable.
3
Immediate notification to your IT team
When a confirmed match is found, Degarmo Technologies is alerted immediately. Your IT team is notified and determines the appropriate response — including whether to notify you directly and what remediation steps are required.
4
Monthly Digital Risk Review
Your organization receives a monthly report summarizing all monitoring activity, any credentials detected, and recommended ongoing actions. This report is delivered to your leadership team and serves as an ongoing risk snapshot.
What Dark Web ID Cannot Do
Dark Web ID detects that your credentials have appeared on the dark web — it cannot remove that data once it's there, because the dark web operates outside normal legal reach. What it does do is ensure you find out quickly enough to change your password and lock down accounts before attackers can use what they've found. Early detection converts a potential breach into a manageable security event.
Section 06
Quick Reference & Contact
The key steps at a glance — and how to reach Degarmo Technologies
If You Receive a Dark Web ID Alert — Do This:
1️⃣
Change your work password immediately
Make it long (15+ characters), unique, and something you've never used before
2️⃣
Change passwords on other accounts using same credentials
Check all accounts where you used the same email + password combination
3️⃣
Enable MFA on your work account
Multi-Factor Authentication stops attackers even if they have your password
4️⃣
Review recent account activity
Check for any unfamiliar logins in your email account's security settings
5️⃣
Notify your IT team you've completed these steps
Confirm with Degarmo Technologies that your account is secured
📞 Contact Degarmo Technologies
Website: degarmo.tech

Contact us if you receive an alert and need assistance, if you notice suspicious account activity, or if you have any questions about your organization's security monitoring program.
✅ The 3 Things You Control
Unique passwords — one per account, always
MFA everywhere — especially on work accounts
Fast response — act immediately on alerts
You Are Part of Your Organization's Security
Dark Web ID handles the monitoring — but your response when credentials are found is what determines the outcome. A fast password change and MFA activation can be the difference between a near-miss and a real breach. Degarmo Technologies is watching on your behalf, every hour of every day. If you ever have questions or concerns about your account security, reach us at degarmo.tech.