The TorZon Handbook

a reader's guide
Edition  2026 · kept by hand
Chapter III

Chapter III. Safety and OpSec

Phishing defence, wallet hygiene, comms rules

The technology under Tor markets has not failed once in ten years. The people using them have failed constantly. This chapter is a list of the mistakes that lose accounts and money, and the boring habits that prevent them.

§1. Phishing defence

Almost every lost TorZon account gets phished, not hacked. The pattern is always the same. Somebody clicks a link from a search-engine result or a forum banner. The page looks identical to the real login. They type the password. It goes to the attacker. Two habits stop this:

§2. Wallet hygiene

Coin that funded your market wallet must not be traceable to your identity. If you buy Bitcoin from a KYC exchange and send it straight to the market, the exchange withdrawal record ties your ID to your market account. Route through a fresh wallet, or better, buy Monero peer-to-peer.

§3. Communication rules

Every serious Tor storefront has an on-platform PGP-encrypted message system. Use it. Do not move the conversation to Telegram, Signal, Wickr or clearnet email. Every off-market channel is a new attack surface with weaker guarantees.

Encrypt shipping details locally to the vendor PGP key before sending. That way the storefront sees only ciphertext for the sensitive fields even if the storefront database gets seized.

§4. Bookmarks and habits

§5. Never do these

Convenience is the attack vector. Habits are the fix. Print this chapter, tape it to the wall next to your Tor computer.