Phishing is when someone uses a fake email address, phone number, or social media account to trick you into giving away sensitive information like passwords and credit card numbers. In addition to keeping your passwords and data safe, Dashlane works to warn you when you might be in danger of getting phished.
We have three types of phishing alerts, depending on your Dashlane plan and the app you're using.
- Standard phishing alerts warn you when you visit a fake website designed to look like the Dashlane site or when you use a potentially risky app on your Android device.
- Vault phishing alerts warn you when you paste or autofill login info that you've stored in Dashlane on a potentially risky site or app.
- AI phishing alerts warn you whenever you visit a website that our AI phishing-detection model has identified as risky.
Are you an admin of a Dashlane professional plan?
Learn how to set up phishing alerts for your organization or join our early access program for AI phishing alerts.
| Alert type | Free | Premium | Friends & Family | Starter and Standard | Team and Business | Omnix |
| Standard phishing alerts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Vault phishing alerts | ✓ | ✓ | ✓ | ✓ | ||
| AI phishing alerts (early access) | ✓ |
Standard phishing alerts
All Dashlane customers and free users get standard phishing alerts. We alert you if you're on a fake website that's designed to look like the Dashlane site in your computer browser or when using a potentially risky app on Android.
Phishing alerts for fake Dashlane websites
This alert works in Chrome, Firefox, Edge, and Opera browsers.
We look actively for fake websites designed to look like the Dashlane website. If you ever click on a link for one of these scam websites, we send you to a warning page instead.
Select the checkbox on the warning page, and we'll automatically redirect you to our app if you click the same link again. Select Go to Dashlane to go immediately to the web app. You can also select the link to our blog to find resources for avoiding future scams.
Note: This phishing alert only works after you install the Dashlane Smart Extension in your browser and log in at least once. When you install the extension and log in, you download a list of websites we suspect are part of a scam. That way, we can warn you if you open any of these sites—even if you're not logged in to Dashlane.
If you want to report a phishing attack, you can get help through our support chatbot. Open the chatbot by selecting the Chat with bot icon, shown as a speech bubble, at the bottom of any Help Center page. In the chatbot, follow the prompts and enter a brief description.
Phishing alerts for risky apps on Android
Dashlane autofills your info when you log in to trusted Android apps. But we warn you if you're trying to autofill your info on a new app that looks potentially risky. We only show this warning if the app isn't already linked to the login in your Dashlane account.
Manage linked websites in Dashlane
You have two options when you see this warning:
- If you don't trust the app, select Cancel and search again for the app you want to log in to.
- If you trust the app, select Allow Autofill. If you don't want to see the warning again for this app, you can select Don't show me this again first.
Vault phishing alerts
Phishing alerts when copy-pasting login info in your computer browser
These alerts are available with Dashlane Premium, Friends & Family, Team, Business, and Omnix plans. These alerts don't come with Dashlane Free, Advanced, Starter, or Standard plans. The alerts work in Chrome, Firefox, and Edge.
Dashlane autofills your saved logins on trusted websites as you browse the web. If we can't autofill your information, you can copy and paste your username and password from the Dashlane Smart Extension to the site you want to log in to.
With phishing alerts, we warn you if the site where you're pasting your login info isn't saved for that login in Dashlane. If you're sure you recognize the site, select Trust and paste, and we'll autofill your info. If not, select Don't trust or X and leave the site.
Notes:
- The warning appears only once for each website unless you log out of Dashlane and log back in.
- The warning doesn't appear if you refresh the page after copying your login information, but appears if you open a new page.
- The warning appears when you go to the HTTP version of a site saved in Dashlane as HTTPS. For example, if you have a login for https://amazon.com, you'll see an alert when using that login on http://amazon.com.
Phishing alerts when autofilling login info on Android
Phishing alerts when autofilling login info on iPhone and iPad
AI phishing alerts
You’ll get these alerts only if your organization has set them up and if you're part of the Omnix plan.
Dashlane warns you whenever you visit a website that our AI phishing-detection model has identified as risky.
Dashlane’s AI phishing alerts use AI technology to detect suspicious sites and send you alerts the moment you visit one—even if you’re not logged into Dashlane.
You will see a pop-up with the URL of the site you’re visiting. If you don’t trust the site, you can select to Leave website. If you are sure the site is legitimate, you can select to Trust and dismiss alert.
Learn more about AI phishing alerts
Common questions about phishing
How can I spot a phishing attack?
Spotting a phishing attack can be difficult because the scammers try to disguise themselves as trusted sources.
You might get a message that looks like it's from a friend or your bank. People carrying out phishing attacks sometimes create an email address that's almost the same as the real email address of someone you trust. For example, you might get an email from no-reply@dashlane.io instead of an official Dashlane address like no-reply@dashlane.com.
Some phishing messages ask you to click a link to update your account information, verify a purchase, or reset your password. But the link leads to a fake website that looks like the real one. Scammers get access to any personal information you enter on the site.
Scammers might also ask you to download an attachment disguised as an invoice or an update to an app. But the attachment contains a program that gives the scammer access to information stored on your computer.
Other scams simply ask you to respond with your account details or credit card info.
Read our blog on why we'll never ask for login information in an email
More about how you can protect yourself from phishing
What can I do to prevent phishing?
Phishing emails look like official emails or real messages from someone you know. So sometimes phishing is hard to spot. But you can protect yourself in several ways whenever you open an email.
Be wary of requests for personal information: Official organizations usually don't ask for information like passwords or social security numbers in email. Dashlane will never ask for this information in an email or any other communication.
Check the sender's address: Scammers try to create email addresses similar to those of trusted sources, like banks or password managers. If you receive a message from Dashlane, make sure the sender is a Dashlane employee or one of these official email addresses:
- support@dashlane.com
- no-reply@dashlane.com
- dashy@dashlane.com
- success@dashlane.com
- jobs@dashlane.com
- webextension@dashlane.com
- opensource@dashlane.com
- breachreport@dashlane.com
Look for urgent or threatening language: Phishing emails use urgent language to get you to take immediate action. For example, they may claim your account will be closed unless you act immediately.
Look carefully at links and attachments: Make sure you know the email is legitimate before opening any links or attachments. Check links to make sure they go to the exact address of a real website.
Check the web address before entering your login details online: Only enter your Dashlane Master Password on our website. Log in through the Dashlane Smart Extension or go to dashlane.com and select Log in.
More steps to keep your account secure
2-factor authentication (2FA) is an added layer of prevention against phishing. Even if scammers have your login details, they can't get into your accounts without access to your mobile device when you have 2FA turned on.
If you think scammers have stolen your Dashlane Master Password or individual passwords, change any affected logins as soon as possible.
Create strong passwords with our Password Generator
Want to make your passwords the best they can be? Check out our blog post on password hygiene
Want to further protect your account? Check out our blog post on how to prevent ransomware attacks
Does the logo next to Dashlane’s name in my email inbox mean it’s official brand communication?
A Brand Indicator for Message Identification (BIMI) is the standardized way of discovering and publishing each brand’s preferred logo beside its email address. The logo confirms that you’re who you say you are and that the message is official brand communication. In your desktop inbox, you’ll see a blue checkmark icon.
With the rise of phishing attacks and fake information on the internet, BIMIs add a reliable layer of legitimacy to business communications.
Learn more about BIMIs in the Dashlane blog:
Dashlane Now Has a Brand Indicator for Message Identification (BIMI)