Skip to content

How Drugs Are Sold on the Dark Web

 

Federal authorities announced last week several arrests, charges, and guilty pleas from a joint operation dubbed "Operation Darkness Falls," which targeted people and organizations selling fentanyl and other drugs over the dark web. Among those arrested were the operators behind the dark web username "MH4Life," which the Department of Justice called the most prolific dark web fentanyl vendor in the US and the fourth most prolific in the world.

 

Those unfamiliar with the dark web may wonder how it operates and whether it poses a greater threat in the opioid crisis than the surface web. LegitScript investigative analysts explored this issue earlier this year when we conducted in-depth research on dark web opioid sales on behalf of the Center for Safe Internet Pharmacies (CSIP). Our investigation culminated in the report The State of Opioid Sales on the Dark Web.

 

In this blog post, we answer some of the most common questions about illicit commerce on the dark web.

 

 

The World Wide Web is made up of the surface web, the deep web, and the dark web. The surface web (also called the clear web and the open web) is what most of us navigate when we check social media, shop online, or read the news. Websites on the surface web are publicly accessible and indexed by search engines such as Google and Bing, permitting internet users to search for them.

 

The deep web comprises any content on the web that is not indexed for search engines and that is accessed by password or encryption, or through gateway software. This includes content such as medical records, legal documents, financial records, and government resources.

 

The dark web is a subset of the deep web, which is also not indexed by traditional search engines. Unlike the deep web, the dark web functions not only for security but also for anonymity. Its content is intentionally hidden and requires special browsers to access.

 

A common metaphor is to think of the World Wide Web as an iceberg, with the visible tip of it being the surface web. | Illustration courtesy the Center for Safe Internet Pharmacies

 

 

Dark web commerce operates largely on marketplaces that function similarly to surface web third-party marketplaces such as eBay and Amazon. These marketplaces offer mostly illegal products, such as drugs, weapons, counterfeit items, pirated intellectual property, and illicit adult content. Some of the vendors may be scammers, meaning they make sales but don't actually send anything in return. These are called nondelivery schemes.

 

Marketplaces also serve an escrow function, meaning that they take a buyer's payment, hold onto it until the buyer has received his or her purchase, and then release funds to the seller. This helps to reduce the likelihood of nondelivery schemes. For this service, the marketplaces take a small percentage of the proceeds. Like eBay and Amazon, products are sold by vendors who get reviews and ratings based on their reliability and quality of product.

 

 

Users of the dark web employ technology to obfuscate their identity, including the Tor browser, which routes users through multiple relays to hide their locations and IP addresses. They also typically use a virtual private network (VPN), which creates a secure "tunnel" for sending and receiving data across shared or public networks by configuring their computing devices as if they were directly connected by a private network.

 

Once on a dark web marketplace, users often maintain their anonymity by communicating through encrypted messages, making it difficult for anyone to intercept and read. Furthermore, all marketplaces accept forms of cryptocurrency, such as Bitcoin. This digital currency allows buyers to pay while maintaining a degree of privacy protection. Holding payment in escrow often has the added benefit of "tumbling" or "mixing" digital currency; this is a form of money laundering that severs the connection between a cryptocurrency address sending coins and the address to which they are sent.

 

 

Virtually all drugs sold on the dark web are shipped through the mail. A 2016 LegitScript report prepared for CSIP showed that, without exception, drugs sold through test buys from the surface web were shipped from the country of origin using public (government-run) postal services. The same is likely true for shipments from the dark web. In 2016, the DEA made purchases from four vendors on a major dark web marketplace called Dream Market and received verified controlled substances from each, all of which were shipped through United States Priority Mail, according to a criminal complaint filed by the DEA in August 2017.

 

Mail services are extremely difficult to anonymize. Because illicit drug dealers on the internet likely cannot avoid using traditional shipping methods to deliver goods to customers, shipping is a key vulnerability that law enforcement may exploit to track down dealers.

 

 

Both the dark web and surface web offer their own risks and dangers. The dark web was built for anonymity and, as such, it's often nearly impossible for buyers to know who they are transacting with or where their purchases are being sourced. Drugs may be adulterated, counterfeit, or possibly made by amateurs out of their homes using substandard equipment. These dangers exist on the surface web as well; however, without illicit marketplaces that have built-in escrow and rating systems, there may be a higher likelihood of nondelivery schemes and phishing scams from websites on the surface web. Either way, it can be extremely risky for anyone to attempt to purchase controlled substances or unapproved drugs from the internet.

 

 

 

LegitScript's investigative analysts frequently conduct research on both the surface web and dark web in our efforts to identify operators illegally selling drugs and other federally regulated products. Contact us to learn more about our expertise in identifying cybercriminals and mapping out the often complex networks they operate.

 

 

 

David Khalaf is a writing, communications, and marketing professional with specialties in media, investigations, content strategy, and writing instruction. His 20 years of writing, media, and communications work have included two top-tier universities (USC and UCLA), print and digital magazines, consulting firms, and technology companies.

His current work involves content strategy and development at LegitScript, a company that helps the world's leading search engines, payment service providers, and internet platforms and marketplaces do business with legitimate, legally operating entities in more than 80 countries and 15 languages around the world. LegitScript specializes in risk and compliance for highly regulated industries including CBD/cannabis, online gambling, cryptocurrencies, drugs, financial trading, online adult, scams and fraud, and more.

Recent Blog Articles

What is fraud prevention?

What Is Fraud Prevention? Here’s What You Need to Know

What do acquiring banks, sponsor banks, and/or payment processors need to know about fraud prevention? We'll cover what fraud prevention is, what payments fraud is, and how LegitScript Merchant Onboarding and Merchant Monitoring fit within your fraud risk management programs framework. Then contact...
fraud risk management

Holistic Fraud Risk Management Programs Look Like This

Taking a holistic, proactive approach to fraud risk management helps your organization mitigate risk, remain compliant, protect your customers, and avoid scrutiny from card brands and regulatory agencies. Discover how LegitScript Merchant Monitoring and Merchant Onboarding fit into your merchant ris...
New gun laws in California 2023

New Gun MCC Law Passed in California Sparks Debate

The leading state for gun safety legislation is paving the way for the rest of the nation by requiring the implementation of a gun MCC - providing companies with what some allege is an invasive level of visibility into firearm and ammunition sales. Learn more about firearms-related MCCs and their sh...
payments fraud

LegitScript Merchant Monitoring Detects and Prevents Payments Fraud

As the number of online card-not-present transactions continues to increase, it has become more important than ever for acquiring and sponsoring banks as well as payment processors to get merchant-level insight into their downstream or merchant portfolio. Contact us for a quick strategy session to s...