How to Verify .onion Links
Last updated: July 2026
Phishing is the number one threat to darknet market users. Attackers create pixel-perfect copies of market login pages on similar-looking .onion URLs. When you enter your credentials, they steal your username, password, and any deposited funds.
Why You Must Verify Every Link
- Phishing sites look identical to real markets but steal your login details.
- Fake mirrors can redirect you to scam sites even if you have the correct URL.
- PGP verification is the only way to confirm you are on the authentic marketplace.
How to Verify a .onion Link Using PGP
- Find the official PGP-signed mirror list from a trusted source (e.g., Dread, the market's official forum).
- Import the market's public PGP key if you don't already have it.
- Verify the signature of the mirror list using
gpg --verify. - Check the fingerprint — ensure it matches the market's known fingerprint.
- Only use URLs that pass verification.
Example command:
gpg --verify mirror-list.sig mirror-list.txt
If the signature is valid, you will see "Good signature" and the fingerprint of the signing key.
Common Red Flags
- Unverified links shared on forums or chat rooms.
- Links that differ by one or two characters from the official URL.
- Pages that ask for your private key or 2FA code on the login page.
- Markets that do not provide a PGP-signed mirror list.
Never rely on unverified links from random sources. Always verify with PGP before entering any credentials.