• Mon. Jun 17th, 2024

How Not to Get Scammed While Buying a Dark Web Market

Avatar photo

ByHarper Stewart

Sep 25, 2023
How Not to Get Scammed While Buying a Dark Web Market
Harper Stewart
Latest posts by Harper Stewart (see all)

The most popular scam that exists on the dark web is the market scam. There are various ways of how you can get scammed trying to make a purchase of an item. Some of them will make you lose a few dozens of dollars while others might put your life and freedom at risk. Whenever you choose to enter the darknet market, you should be cautious all the time as the criminals will always wait until you`re not careful enough to get into their trap.

Note that we don’t promote any illegal activities, especially on the dark web. All the information is for educational purposes only. Below you will see the most popular scamr on the dark web markets. 

Market Exit Scam

An example of an exit scam.

Exit scams, where marketplaces suddenly close their platforms and steal all the money in escrow and wallets, represent a worrying prospect. Unreliable actors may use a number of strategies to carry out this plan more successfully. These strategies frequently involve continuing to accept deposits while putting a hold on withdrawal requests in order to give users the impression that everything is working as it should, even when problems may be developing behind the scenes. Additional warning signs, such as unanswered customer service tickets, a lack of activity from moderators, and an observable decrease in the site’s overall operation, emerge as an exit scam approaches.

Exit scams can unfortunately be difficult to avoid because, once they do, customers usually have little recourse. There are certain proactive measures you may take to lower your risk, though. Avoiding storing a sizable sum of money in your wallet on these networks is an essential tactic. Instead, think about using direct payment services, which let you make purchases without adding money to your account beforehand. By doing this, you can lessen your vulnerability to potential losses in the event of an exit scam and contribute to asset protection.

Vendor Exit Scam

Potential exit scam by Dark0de.

This is a fraud where a seller takes your money but fails to deliver the goods. This often occurs when a seller requests it or when a listing on the market uses the “Finalize Early” function. It could, however, occur with any listing. Additionally, if the market permits it, dealers could try to surprise you by using the shortest timer choice. When planning to use an exit scam, a merchant may combine these with discounts on products to encourage more customers to buy and possibly make bigger purchases.

Vendor exit scams can be avoided by constantly on the lookout for “too good to be true” bargains, being aware of the dangers of “Finalize Early” listings, constantly monitoring the escrow timer after placing an order, and using the “Dispute” and “Extend Timer” tools as necessary.

Direct Order Scam

Direct order scam is when a seller leads a customer to an unregulated website, service, or app to conduct business and defrauds them because there is no buyer protection. Users are often asked to place orders by email, a messaging software like Wickr, Signal, or Telegram, their own onion, or a website. 

To persuade individuals to use this approach rather than the market, vendors frequently make promises of incentives like discounts and/or extras. This might be avoided if orders were never placed via a channel other than a market. Direct orders aren’t always scams, but you should be aware that if you let yourself, you can fall for one.

Vendor Impersonation Scam

An example of an impersonalization scam.

This is when a vendor poses as another to get customers to trust and do business with them. Typically, this is accomplished by acting as prominent merchants from previous marketplaces who are no longer present or on markets where a seller is not currently present. Alternately, imposters could use the names of market vendors on websites like Telegram or via direct messaging applications or emails. Impersonation is frequently used in conjunction with another fraud, such as an Exit or Selective fraud, or with a direct scam.

By verifying the seller’s PGP key and contrasting it with their keys on other marketplaces or on the onion site known as Recon, this fraud may be averted. It’s possible that a merchant altered the keys over time, but if that’s what’s being claimed, proceed with caution as you would with any other fraud. Check the vendor’s market profiles on platforms like Telegram and/or chat them on a market to see whether it is legitimate. Extreme caution should be exercised if they are no longer available on the market.

Market Selective Scams

A possible selective scam by the Kingdom darknet market.

When a market takes user funds, but just for a small portion of deposits to avoid raising too much suspicion, by sending their deposits to wallets they don’t have access to. Market exit scams frequently come before these, however it may happen weeks or months ahead. This scam is particularly cunning because there isn’t much that can be done to stop it aside from keeping an eye on onion/market forums, where posts about missing money will inevitably be plentiful for a variety of reasons that may or may not include this kind of scam. Small test deposits before any bigger ones, however, can assist provide security, but this is not always foolproof depending on how the scam is run.

Vendor Selective Scams

Vendor selective scams is when a seller only defrauds a small portion of customers in order to keep their ratings from falling too much and keep consumers from buying from them. Vendors may accomplish this by employing strategies similar to those I described for exit scams. Short escrow timeframes, “Finalize Early” features and demands, etc.

Always reading a vendor’s evaluations can help you stay away from selective scams. 

Selective fraudsters usually have a majority of favorable ratings with a scattering of bad reviews from those who didn’t receive the product. In addition, it ought to be addressed in the same way that I described for exit scams. Keep track of escrow timers, utilize the “Dispute” and “Extend Timer” tools as necessary, and use “Finalize Early” with caution and awareness of the hazards involved.

Man In The Middle

Fake phishing links trying to impersonate the Bohemia market.

A fake link is one that appears frequently in forum posts, market reviews, and clearnet/unvouched websites. It will direct you to a copy of the original website that looks and functions exactly the same, with the exception of a few minor but crucial changes, like the crypto deposit address. By using appropriate link sources, such as dark.fail, tor.taxi, or a market’s official Dread links, this may be prevented. In addition, make sure the website’s wallet address is accurate. 

However, the wallet address in the PGP message should always match the one on the market. Sadly, Bohemia has a shoddy backend, so the link in the confirmed PGP message for wallet addresses may be wrong there. The link is useless if it isn’t. If you’re still hesitant, you might also try sending a tiny test deposit to the address.


This phrase has come to be used more broadly to refer to any kind of fake links, but it actually refers to a specific kind of fake link that is frequently found in forum posts, market reviews, and clearnet/unvouched websites and which leads to a copy of a website’s login page that looks and works exactly like the real one, but which is intended to steal your login information once you use it to log in. A Man In The Middle assault is frequently paired with this.

By only using legitimate link sources, such as dark.fail, tor.taxi, or a market’s official Dread links, phishing may be prevented. Additionally, make sure your market accounts are constantly protected by 2FA PGP, which stops hackers from accessing your account even if they know your information. As phishers may try to use that information to login to clearnet sites as well, it is advised to never use usernames and passwords on the darkweb that you use for the clearnet.

Data Leak

How the stolen data is being selled on the dark web.

Data leak is when user information is stolen, often sold, or made publicly available, either as a consequence of a breach or by direct sourcing or sale from the website.

Although there is no practical way to stop it, any risks and harms can be reduced by choosing distinctive usernames and passwords that are not associated with any crucial services or websites, as well as by utilizing 2FA and PGP Encryption.

Avatar photo

Harper Stewart

With a deep understanding of the complexities of the Dark Web, Harper curates informative and thought-provoking content for our readers. Her knowledge of the hidden corners of the internet and cybersecurity helps shed light on the often mysterious and illicit activities that take place in this realm.