- The Deep Web is where password-protected accounts live, but the Dark Web is where stolen passwords become merchandise.
- Internet lore maintains there are 8 levels of the internet, but the truth is far less dramatic.
- The Deep Web promises security, and the Dark Web promises anonymity. But only one of them has your best interests in mind.
- The difference between the Deep and Dark Web lies in the level of accessibility, type of content, and potential risks.
- Both the Deep and Dark Web aren’t beyond the long arm of the law. You'll be surprised at the reasons why.
- Staying safe on the Dark Web takes more than vigilance. With the very real threat of ecommerce fraud, you’ll sleep better knowing LastPass Dark Web Monitoring is tracking your email addresses, the gateway to your financial accounts and shopping profiles.
The Deep Web is where password-protected accounts live, while the Dark Web is where stolen passwords become merchandise. And both are part of the alleged eight (8) levels of the internet.
Right now, the world of Amazon orders and email inboxes thrives in the Deep Web. This haven claims 95% of internet real estate.
Sites like Wikipedia, Kayak, and Reuters? That’s the Surface Web, representing less than 5% of the Internet.
Meanwhile, the shadowy markets of the Dark Web lie beyond these realms. This 0.001% of the internet is where secrecy is currency, and caution is critical.
Today, we’re going to separate fact from fiction and take you on a descent through the 8 levels of the internet. But first, we’re going to answer a question millions have asked.
What are the levels of the internet?
Answer: There’s no consensus on what the “levels of the internet” are. The internet isn’t made up of “floors.” Instead, it’s defined by access methods and privacy layers.
What you’re seeing out there is a mix of reality and myth enshrined in viral infographics.
Accordingly, here’s what people claim the levels of the internet are:
- Level 1: The Surface Web
- Level 2: Bergie Web
- Level 3: Deep Web
- Level 4: Charter Web
- Level 5: Marianas Web
- Level 6: The Mediator Layer
- Level 7: The Fog/Virus Soup
- Level 8: The Primarch System
What matters, though, are three (3) actual categories:
- The Surface Web (what you see without signing in)
- Deep Web (where your passwords live)
- Dark Web (where your passwords are sold)
Everything else is entertainment.
Exploring the levels of the internet you know (Levels 1-4)
Level 1: The Surface Web
This is the downtown area of the internet (think bright lights, storefronts, crowds of people).
It’s where you read the latest sports news, “ooh” and “aah” over product catalogs, and find the best hotel deals.
The Surface Web is generally safe, but if you’re a bargain hunter, beware: Fake e-sites have surged 250% across major brands.
And according to a survey cited on MSN, 68% of 30,000 people across 185 countries can’t tell the difference between a fake and real site.
Which has led to $138.56 billion in fraud losses worldwide.
And if you’re doing business, you may be losing $4.61 for every $1 of ecommerce fraud.
So, while the Surface Web is where the bright lights live, it’s also where the wool can be pulled over your eyes in broad daylight.
Level 2: Bergie Web
Bergie sites are still part of the Surface Web, but they often host copyrighted or geo-restricted content.
This is where you get niche underground communities, torrent sites for banned films, cracked app repositories, and 4chan conspiracy boards.
And although 4chan is found in Google search results, Bergie sites like 8kun aren’t.
Bergie is the underbelly of online culture, where tripcodes (digital identifiers) allow influencers to stand out without breaking anonymity.
Recently, a 4chan poster, identified only by the tripcode SBC7HL, sent traders into a tizzy when they predicted Bitcoin scaling to $250,000. This led experts to warn about choosing fringe FOMO forecasts over disciplined analysis.
Level 3: Deep Web
Coined by web scientist and researcher Michael K. Bergman, the “Deep Web” hosts content that can’t be crawled or indexed by search engines.
Bergman contends that 60 of the largest Deep Web sites collectively exceed the size of the Surface Web by 40.
The Deep Web is where you log in to your email & SaaS apps, access your bank account, and check your health records. Public users can't find your credit card details or QuickBooks transactions on the Surface Web.
Every page is locked behind an identity check. You get in with a username, password, or your LastPass biometrics.
The Deep Web also hosts private research networks, encrypted company databases, national security systems, and university archives.
Most of the content on the Deep Web isn't illegal or illicit — it's simply private.
How can I access the Deep Web?
The Deep Web can be accessed with your browser.
For example, login pages for your Amazon, Facebook, or Walmart accounts may show up in search results.
But you’ll have to sign in with your credentials to get access.
In some cases, login pages won’t show up on the Surface Web.
If your employer or business uses a cloud portal, your sign-on (SSO) page likely won’t be public. However, stored data here remains part of the Deep Web.
Level 4: Charter Web
This is where private military networks live, completely air-gapped from the public internet. Here, you’ll find SIPRnet, a DoD (Department of Defense) network handling classified communications and operations data.
You’ll need Secret clearance to access SIPRNet.
The Charter Web also hosts JWICS (the Joint Worldwide Intelligence Communications System), which is used by the NSA, FBI, and CIA to share classified intelligence.
You’ll need Top Secret clearance and biometric authentication to access JWICS.
Other Charter Web tenants include:
- Secure NATO networks connecting 30 countries
- DoD coalition networks like CENTRIXS linking over 40 nations
In 2010, a SIPRNet breach led to the exposure of hundreds of thousands of classified documents.
Descending into the realms of the Dark Web (Levels 5-8)
First, let’s define the Dark Web before we explore its deepest levels.
What is the Dark Web?
The Dark Web is the remaining 0.001% of the Internet. It’s effectively invisible to search engines, so you can’t type your way in.
You’ll need Tor (the Onion Router) for access, a special browser which wraps your connection in layers of encryption.
Some infamous sites like the Silk Road lived here. Shut down in 2013, Silk Road was a hub of illicit drug sales. About 60% of the Dark Web now hosts illegal activities like:
- Drug and weapons trading
- Sales of stolen credentials
- Sales of MaaS (malware-as-a-service) kits with infostealer capabilities
- Sales of zero-day exploits, counterfeit currency, and forged documents
But illegal activities aren’t the Dark Web’s only purpose. It's also a haven for human rights activists, journalists, and political figures trying to evade surveillance by repressive regimes.
How can I access the Dark Web?
The Dark Web can be accessed with special browsers. One of the most popular is Tor, which hides user identities, IP addresses, and network activities.
Unlike the Surface Web, the Dark Web doesn’t have an indexing system.
You must directly type in the URL you want to visit or use a Dark Web search engine.
These engines, however, have no safeguards, meaning you could be exposed to sites hosting illegal, unethical, or potentially harmful materials.
The Dark Web can also be accessed using open-source OS like Tails, which is based on Debian GNU/Linux and routes all traffic through Tor by default.
What are the levels of the Dark Web?
You’ve seen the viral charts online. The Dark Web supposedly consists of the Marianas Web, Mediator Layer, Fog/Virus Soup Layer, and the Primarch System.
The truth? Most of this is internet folklore designed to entertain.
Level 5: Marianas Web (MYTH)
True believers contend this is the internet version of the Marianas Trench. They say this is where you’ll find the location of Atlantis, along with the world’s most secret AI, extraterrestrial, and nuclear projects.
This layer is supposedly locked behind encryption so advanced, only quantum computers can access it. Mentions of the Marianas Web surfaced on 4chan and Reddit sites around 2011.
The Marianas Web taps into the uneasy fear that unstoppable forces beyond our reach and control will end human civilization as we know it.
However, no one has actually proven it exists.
Level 6: The Mediator Layer (MYTH)
The Mediator Layer is said to be the bridge between the known and forbidden. It's like a digital bouncer, filtering what reaches the hidden depths of the internet.
The word on the street is: You can only get in if the system lets you.
This is supposedly where corporations keep their most advanced tech before they’re released.
Level 7: The Fog/Virus Soup (MOSTLY MYTH)
The Fog layer supposedly hosts sentient AI systems.
Here, AI can think and act autonomously. It can rewrite its own code and communicate in ways humans can’t.
Meanwhile, the Virus Soup is a digital graveyard, where old viruses hunker down in legacy servers and misconfigured devices. The Virus Soup isn’t myth, as older machines that no longer receive updates can infect newer devices.
In contrast, the Fog layer is allegorical - but plays on the real fear that AI could become autonomous, potentially hostile, and uncontrollable.
This fear is a major trope in the role-playing game Cyberpunk 2077, where a digital barrier known as Blackwall separates the New Net from the Old (Deep) Net.
It's this barrier that protects everyone, supposedly, from rogue AI bent on world domination.
True believers contend: The question isn’t if AI will become autonomous, it’s when and who can control it when it does.
Level 8: The Primarch System (MYTH)
Finally, we get to the Primarch System. This is yet another allegorical layer of the Dark Web. It’s where you’ll supposedly find detailed exposes of the Holy Grail, Area 51, and the Bermuda Triangle.
Some Reddit users even claim the Primarch has contingency plans to preserve life in various apocalyptic scenarios.
Meanwhile, the name Primarch comes from Warhammer 40K, where the Emperor of Mankind genetically engineers 20 demigod “sons” or primarchs to unify and save humanity.
The internet Primarch plays on this theme of a genetic father and guardian whose ceaseless existence sustains the Galaxy.
Like the other three (3) levels before it, the Primarch System satisfies the oldest of longings: to obtain the inaccessible and be part of an elite group that “owns” knowledge others can’t touch.
Deep vs Dark Web: What’s the difference?
The difference between the Deep and Dark Web lies in the level of accessibility, type of content, and potential risks.
Level of accessibility
|
Deep Web |
Dark Web |
|
Accessible through standard browsers (Chrome, Firefox, Safari) |
Must use the Tor browser and .onionURLs |
|
Easy access to popular search engines like Google and Bing |
Must use Dark Web search engines such as Ahmia, TorDex, or the onion version of DuckDuckGo |
|
Low anonymity |
High anonymity, with some private marketplaces requiring invites |
|
Example: Your online banking portal, work email, Netflix account |
Example: Dark web marketplaces like Abacus and STYX |
Types of content
|
Deep Web |
Dark Web |
|
Banking and financial records |
Hacking services and tools |
|
Medical records and health portals |
Counterfeit goods marketplaces |
|
Corporate intranets |
Stolen credit card details |
|
Subscription services |
Whistleblower platforms (legitimate use) |
|
E-commerce platforms |
Leaked login credentials |
|
Crypto tumblers for laundering illicit gains | |
|
Government records and databases |
Illegal arms marketplaces |
|
Academic research and paid journals |
Narcotics and psychedelics catalogs |
|
Customer databases and CRM systems |
Potential risks
|
Deep Web risks |
Consumers |
Businesses |
|
|
Account takeovers if passwords are weak | |
|
|
Data breaches due to weak platform security |
Intellectual property theft |
|
|
Phishing attacks targeting login credentials | |
|
|
Malware infections from compromised sites |
Compliance violations |
|
Dark Web risks |
Consumers |
Businesses |
|
|
Trade secrets leaked | |
|
|
Sale of credit card and login credentials enable account takeovers |
Ransomware-as-a-service kits used for attacks |
|
|
Exposure to illicit or extremist content carries psychological harm and legal risks |
Customer info sold |
The real internet threat: Ecommerce fraud
Now that you understand the internet’s actual structure, let’s talk about the threat that’s costing consumers and businesses billions: ecommerce fraud.
According to ecommerce fraud prevention research from Equifax, Stripe, and Justt, here are the primary fraud types threatening your way of life:
#1 Card-not-present (CNP) fraud
Attackers use your stolen credit card details to make unauthorized purchases. If you’re running a business, you’re dealing with chargebacks (more on this below), lost merchandise, and processing fees.
#2 Account takeover (ATO) fraud
Hackers gain access to your accounts using leaked credentials from Darknet forums. They make purchases, steal your data, and drain your loyalty points.
#3 Refund fraud
If you’re running a business, you already know about counterfeit‑return scams and false “item not received” (INR) claims. They’re costing businesses $100 billion+ annually in North America alone.
#4 Interception fraud
Fraudsters place orders with your stolen card and then intercept packages by changing shipping addresses just before delivery.
#5 Bot attacks
Attackers use automated programs to test credit cards or conduct credential stuffing attacks at scale.
#6 New Account Opening (NAO) fraud
Deepfake and synthetic identities are directly fueling NAO fraud. In 2024, reported losses from new account fraud hit $6.2 billion, more than double the losses from a decade earlier.
#7 eGift card fraud
Scammers use your stolen info to buy eGift cards and resell them. On your end, you see a fraudulent charge you’ll have to dispute with your bank.
If you’re the business selling eGift cards, you’re on the hook for chargeback and refund costs.
#8 Triangulation fraud
Attackers build a fake storefront and offer “great” deals. When you pay, they steal your credit card info and forward your order to the real merchant.
Meanwhile, your credit card is charged twice: once by the scammers and once by the actual merchant.
Ecommerce fraud detection & prevention: How you can fight back
Whether you’re a consumer or business owner, this action plan creates an immediate impact for your safety:
- Protect your emails, the gateway to your financial accounts and shopping profiles, with LastPass Dark Web Monitoring. A key target of attackers, bank logins sell for $200-$1,000 on the Dark Web.
If your credentials surface on Dark Web sites, you get an immediate alert so you can secure your accounts before attackers strike.
Get Dark Web Monitoring free with Premium (for individuals) or Business Max (for businesses). No credit card required, so you can get pure value from day one and full peace of mind.
With Business Max, you can also track SaaS logins. LastPass shows you which employees are using weak passwords for both approved and unapproved apps.
Here’s the true value of Business Max SaaS Monitoring + Protect: Everyone gets strong credentials that are tracked 24/7.
Remember, cloud admin credentials sell for tens of thousands of dollars on Dark Web forums. Attackers aren’t just after regular SaaS logins; they’re also after logins with high privilege access.
Your information already on the Dark Web? Get answers to questions about the Dark Web you always wanted to know – but were too embarrassed to ask.
- Update your current passwords: Use the LastPass generator to create strong passwords based on current NIST recommendations.
- Every extra barrier you add matters. Enable FIDO2 MFA on your most critical accounts (banking, payroll, payment processing, healthcare portal). See how you can turn on advanced MFA for Premium and Business Max.
- Set up transaction alerts for all cards. This allows you to immediately spot and dispute fraud before losses escalate.
- Set up fraud alerts with major credit bureaus like Equifax, Experian, and Transunion. This requires lenders to verify your identity before approving credit, adding a critical verification layer to catch scammers.
- Consider freezing your credit report if not actively seeking loans. This stops identity thieves from opening loans in your name.
And if you’re doing business, a key concern is: Stolen customer credentials used for fraudulent purchases.
With each successful customer dispute, your chargeback rates rise, hurting your reputation with card processors.
Is chargeback prevention possible?
The answer is yes.
While you can’t stop every chargeback, you can reduce chargebacks by 60-70% with the right defenses.
Right now, many of your peers are still fighting yesterday’s war.
They’ve deployed the basics: AVS verification, CVV checks, 3-D Secure 2.0, and fraud detection tools that flag suspicious orders. These work brilliantly for stolen credit cards.
But you know that’s not the only thing destroying margins.
The $41 billion problem no one wants to talk about
By 2026, global chargeback volume is projected to reach 337 million transactions, a staggering 42% increase from 2023 levels.
In all, chargebacks will cost businesses $33.79 billion in 2025 and are projected to reach $41.69 billion by 2028.
And here’s the scary part: 75% of all chargebacks are likely cases of friendly fraud, customers you’ve already verified, who dispute transactions after receiving their goods.
So, what’s the solution?
Chargeback solutions: Where prevention and recovery team up to protect your business
Modern chargeback protection for merchants isn’t about one silver bullet. It’s about:
- Prevention - stopping chargebacks before they start
- Recovery - winning back the ones that are fraudulent
#1 The VTEX-Equifax Kount chargeback fraud prevention solution
What this means for you: When a scammer tries a new scheme, Kount has likely already seen it.
You’re no longer fighting fraud alone; you have the collective intelligence of 20,000+ businesses from 40+ countries protecting you.
With Kount’s machine learning capabilities, the system gets smarter with every transaction.
To supplement Kount's prevention capabilities, consider Midigator (also an Equifax product and now part of Kount) for chargeback management & recovery services.
#2 The Justt-Ravelin chargeback fraud prevention solution
What this means for you: Most ecommerce fraud prevention stops at blocking bad transactions.
This partnership combines both prevention and recovery, offering an optimum solution if you’re in high-risk verticals like food delivery, digital goods, event ticketing, or transportation.
While Ravelin prevents fraud at the transaction level, Justt recovers revenue by assembling highly tailored “dynamic arguments” for each dispute. Together, they close the fraud loop for you.
Disclaimer The right chargeback prevention and recovery solution will depend on your business needs, industry, risk tolerance, and other factors. We highly recommend conducting your own due diligence and consulting with a qualified professional who understands your business model before implementing any chargeback prevention strategy or selecting a service provider.
Sources
YouTube: The 7 levels of internet
YouTube: Every level of the internet explained in 17 minutes
Investopedia: What is the deep web?
CSO Online: What is the Dark Web? How to access it and what you’ll find
Congress.gov: Dark Web overview
Capitol One: Ecommerce fraud statistics
Thomson Reuters: Best practices to prevent e-commerce fraud
Justt: Ecommerce fraud detection & prevention: Complete 2025 guide for online businesses
Stripe: Ecommerce fraud prevention and detection
Equifax: Ecommerce fraud prevention and detection
CybelAngel: What’s on the Dark Web? Your guide to the biggest players in 2025
DeepStrike: Top 7 Dark Web marketplaces of 2025: Inside the underground economy
Chargeflow: The ultimate chargeback statistics 2025: Trends, costs, and solutions
