experian (TM)
Help Home      Products      Help      Business services      Login


BUSINESS IDENTITY MONITORING

+  How does business identity monitoring work?
CyberAgent®, our priority monitoring technology, proactively detects stolen business identifiable information and compromised confidential data online. CyberAgent is the only identity monitoring solution designed for proactive cyber detection on an international level - breaking language barriers and detecting identity theft across the globe.

At any point in time, our CyberAgent technology is monitoring thousands of websites and millions of data points, alerting you if we find your business information in a compromised position online. This information is being gathered in real-time, giving you the opportunity to react quickly and take the necessary steps to protect your business.


+  How do I sign up for business identity monitoring?
Business identity monitoring is included automatically with your Business Credit AdvantageSM plan; it cannot be purchased separately.


+  Where does the data returned by this service come from?
The data we find comes from Internet forums and websites, web pages, dark web chat channels, hidden and anonymous web services, malware samples and more.


+  What does it mean when I receive an alert?
This monitoring tracks Internet activity for signs that the information you've asked us to monitor is being traded and/or sold online. This alert means that our surveillance technology has discovered information on the Internet that is a match to your monitored elements.


+  What does a business identity alert look like?
A sample alert may appear as: "6/18/17 The credit card ending in 3456 has been found on the dark web and may be compromised." There will also be information in the alert email about what you should do in this case.


+  How many business identity alerts might I receive?
Ideally, our scans won't reveal any business identity credentials found associated with your business. But if we do find something based on your configured monitoring inputs, we'll display up to 500 of these on our website for your review.


+  Can I get more detail about where the data was discovered?
Due to the nature of the "dark web", it is very difficult to locate the source of most data breaches. All we can tell you is that the information that you entered for business identity monitoring was found in our dark web scans. This will allow you to take steps to protect your business. Unfortunately, directing you to the source of the compromised data is often not possible.


+  What if the alert references only some of the information I'm monitoring?
It is recommended that you change your compromised account information wherever you have been using it.


+  What should I do if my email address is found compromised?
Immediately change your passwords for websites or online accounts that use that email address at login.

Utilize smart password habits moving forward. If you reuse a password on multiple sites, your online accounts may be more vulnerable to identity thieves. Create unique and strong passwords for your accounts utilizing a mix of special characters, numbers, and upper- and lower-case letters.


+  What should I do if my business credit/debit card is found compromised?
We recommend changing your payment method on those sites where that card number is being used.

Contact your card issuer to cancel the card number. If any fraudulent charges were performed, you may be able to submit a dispute for charge reversal through the card issuer.

Review your credit report for indications of identity theft.

Place a fraud alert on your credit report.


+  What should I do if my business phone number is found compromised?
Your business phone number can be used along with other personally identifiable information (PII) elements to steal your business identity. If this is the only compromised credential that we find a match to, it is not a clear indicator of identity theft and there is likely no action to be taken.

As a precaution, change your password for online accounts that use your phone number as an authentication mechanism.


+  What should I do if my corporate website IP address is found compromised?
Results may include any of the following types of vulnerabilities: Denial of Service, Distributed Denial of Service, Carriage Return Line Feed Injection, Cross Site Request Forgery, Directory Traversal, DNS Hijacking, Local File Inclusion, Malware, Remote Access, Remote File Inclusion, SQL Injection, Web Distributed Authoring and Versioning Access, Web Parameter Tampering, XPath injection, Cross Site Scripting, and Zero Day Attack.

In the event of an IP address monitoring alert we recommend that your technical staff become involved to review and/or correct any issues that may have been reported. Note that Experian is monitoring the dark web for mentions of your webserver, not scanning it themselves to determine vulnerabilities; Experian makes no warranties that information found on the dark web regarding your website's security is accurate or complete.

If you have your website hosted on a third party, such as GoDaddy, DirectNIC, Rackspace, Amazon Web Services, or through your local Internet Service Provider, monitoring of this type is not something that you need to configure since your IP address is dynamic and can change at anytime.


+  How can I update my business identity monitored fields?
You can update your business identity monitored fields by using the "Configure" button under the section "Your business identity monitoring" of your logged in homepage.


+  How can I turn off my business identity monitoring?
You can turn off your business identity monitoring by clicking on the "Configure" button under the section "Your business identity monitoring" of your logged in homepage. Once on the configuration page, use the "Clear all fields above and cancel business identity monitoring" link on the bottom of that page.







Experian and the Experian marks herein are service marks or registered trademarks of Experian.