Frequently Asked Questions

Business Identity Monitoring FAQs
CyberAgent®, our priority monitoring technology, proactively detects stolen business identifiable information and compromised confidential data online. CyberAgent is the only identity monitoring solution designed for proactive cyber detection on an international level - breaking language barriers and detecting identity theft across the globe.

At any point in time, our CyberAgent technology is monitoring thousands of websites and millions of data points, alerting you if we find your business information in a compromised position online. This information is being gathered in real-time, giving you the opportunity to react quickly and take the necessary steps to protect your business.
Business identity monitoring is included automatically with your Business Credit AdvantageSM plan; it cannot be purchased separately.
The data we find comes from Internet forums and websites, web pages, dark web chat channels, hidden and anonymous web services, malware samples and more.
This monitoring tracks Internet activity for signs that the information you've asked us to monitor is being traded and/or sold online. This alert means that our surveillance technology has discovered information on the Internet that is a match to your monitored elements.
A sample alert may appear as: "6/18/17 The credit card ending in 3456 has been found on the dark web and may be compromised." There will also be information in the alert email about what you should do in this case.
Ideally, our scans won't reveal any business identity credentials found associated with your business. But if we do find something based on your configured monitoring inputs, we'll display up to 500 of these on our website for your review.
Due to the nature of the "dark web", it is very difficult to locate the source of most data breaches. All we can tell you is that the information that you entered for business identity monitoring was found in our dark web scans. This will allow you to take steps to protect your business. Unfortunately, directing you to the source of the compromised data is often not possible.
It is recommended that you change your compromised account information wherever you have been using it.
Immediately change your passwords for websites or online accounts that use that email address at login.

Utilize smart password habits moving forward. If you reuse a password on multiple sites, your online accounts may be more vulnerable to identity thieves. Create unique and strong passwords for your accounts utilizing a mix of special characters, numbers, and uppercase and lowercase letters.
We recommend changing your payment method on those sites where that card number is being used.

Contact your card issuer to cancel the card number. If any fraudulent charges were performed, you may be able to submit a dispute for charge reversal through the card issuer.

Review your credit report for indications of identity theft.

Place a fraud alert on your credit report.
Your business phone number can be used along with other personally identifiable information (PII) elements to steal your business identity. If this is the only compromised credential that we find a match to, it is not a clear indicator of identity theft and there is likely no action to be taken.

As a precaution, change your password for online accounts that use your phone number as an authentication mechanism.
Results may include any of the following types of vulnerabilities: Denial of Service, Distributed Denial of Service, Carriage Return Line Feed Injection, Cross Site Request Forgery, Directory Traversal, DNS Hijacking, Local File Inclusion, Malware, Remote Access, Remote File Inclusion, SQL Injection, Web Distributed Authoring and Versioning Access, Web Parameter Tampering, XPath injection, Cross Site Scripting, and Zero Day Attack.

In the event of an IP address monitoring alert we recommend that your technical staff become involved to review and/or correct any issues that may have been reported. Note that Experian is monitoring the dark web for mentions of your webserver, not scanning it themselves to determine vulnerabilities; Experian makes no warranties that information found on the dark web regarding your website's security is accurate or complete.

If you have your small business website hosted with a third party such as GoDaddy, DirectNIC, Rackspace, Amazon Web Services, or through your local Internet Service Provider, monitoring of this type is not something that you need to configure since your IP address is dynamic and can change at anytime.
Immediately change the passwords for websites or online accounts that use any compromised email addresses at login.

Utilize smart password habits moving forward. If you reuse a password on multiple sites, your online accounts may be more vulnerable to identity thieves. Create unique and strong passwords for your accounts utilizing a mix of special characters, numbers, and uppercase and lowercase letters.
You can update your business identity monitored fields by using the "Configure" button under the section "Your business identity monitoring" of your logged in homepage.
You can turn off your business identity monitoring by clicking on the "Configure" button under the section "Your business identity monitoring" of your logged in homepage. Once on the configuration page, use the "Clear all fields above and cancel business identity monitoring" link on the bottom of that page.
Start with a Business Search
State *
* Required

Stay Connected