From advanced disinformation services to stolen digital identities, smart home vulnerabilities, and AI-driven social engineering — these are some of the key topics currently being discussed in dark web forums.
Every December, experts at NordVPN predict cybersecurity risks for the upcoming year. This time, they partnered with NordStellar analytics, whose researchers analyzed the largest dark web forums to uncover the most discussed and emerging topics.
“While last year’s predictions still hold relevance, we’ve noticed a significant rise in hacking courses and DIY cybercrime kits. Meanwhile, leaked personal media and customer data continue to circulate widely on these forums,” says Adrianus Warmenhoven, cybersecurity expert at NordVPN.
“This year, we’ve gone further to identify five emerging threats and vulnerabilities likely to escalate in 2025,” Warmenhoven adds.
Persistent Threats: The Rise of Account Takeovers
One of the dark web’s most discussed threads, with more than 135,000 comments, focuses on “combo lists”, databases containing combinations of usernames, passwords, and other personal data from various breaches. Additionally, nearly 26,000 comments focus on account takeovers, where this stolen metadata is used to access accounts without authorization.
Because of widespread password reuse across multiple platforms, these breaches allow hackers not only to commit fraud but also to impersonate individuals for malicious activities like identity theft.
Warmenhoven emphasizes the ongoing danger: “As long as people reuse passwords, these attacks will remain effective and popular among cybercriminals. In fact, we predict a sharp increase in these activities for 2025 due to new data breaches supplying fresh credentials.”
Emerging Threats: Exploiting Smart Home Security
Another highly active thread on dark web forums, attracting nearly 21,000 comments, focuses on vulnerabilities in smart home systems and applications, with detailed instructions on how to exploit them.
The 2024 IoT Security Landscape Report revealed that over 9.1 billion security events globally were linked to approximately 50 million IoT devices. Home networks alone experienced an average of 10 attacks daily against connected devices, a figure expected to rise further in 2025.
“Hackers are targeting a wide range of devices, from smart refrigerators to home CCTV systems. While some devices act as entry points for broader network attacks, others, like CCTV systems, can be hacked directly to expose private activities,” Warmenhoven warns.
Identity Theft Remains a Top Priority
Fraud-related discussions are among the most active threads on the dark web. Users frequently share tools and techniques for crimes like credit card fraud and insurance fraud, but identity theft remains the most lucrative focus.
Hackers exploit personal data to access bank accounts, secure credit cards, and commit tax fraud. In 2025, these techniques are expected to evolve, with more sophisticated methods emerging.
“One growing threat is synthetic identity fraud, which combines real and fake data, often using deepfake technologies for greater effectiveness. Another is reverse identity theft, where someone lives as another individual taking jobs, accessing medical care, or avoiding legal consequences,” Warmenhoven explains.
The Rise of “Disinformation as a Service”
The World Economic Forum’s Global Risks Report 2024 ranked AI-generated misinformation as the second-most severe global risk over the next two years, with cyberattacks ranking fifth.
On the dark web, disinformation strategies are a hot topic, including tactics like using thousands of fake social media accounts, spam emails, and bot farms to spread false narratives.
“We anticipate that disinformation as a service will become a significant threat in 2025,” Warmenhoven cautions. “This service allows cybercriminals to profit from creating and spreading false information. It’s highly customizable, enabling precise targeting of demographics and manipulation of social media algorithms.”
AI-Driven Social Engineering: A Growing Concern
AI-driven social engineering is becoming increasingly sophisticated. While not yet widely discussed, forums are filled with guides and examples for leveraging AI to manipulate human behaviour, craft more convincing phishing emails, and exploit system vulnerabilities.
A particularly concerning trend is the emergence of “company manipulation and exploitation.” Warmenhoven explains: “Bad actors trick companies into issuing refunds or replacements for nearly any reason. Forums share detailed methods for researching companies, targeting brands like Amazon, ASOS, and Walmart.”
Looking Ahead
As 2025 approaches, these insights from dark web forums reveal the pressing need for heightened cybersecurity measures. Persistent threats like account takeovers and identity theft will continue to grow, while emerging risks such as smart home exploits, disinformation services, and AI-driven social engineering pose new challenges.
Stay informed and vigilant to protect your personal and organizational data against these evolving cyber threats.
