What is phishing, and why am I being phished?
Phishing is a scam that attempts to trick people into giving away sensitive information, like passwords and credit card numbers, and sometimes other personal information. Often the goal is to steal money or gain confidential information.
Most of the time, phishing scams will be under the guise of an email from a trusted source and can appear very convincing. For example, this could be a fake email from your credit card provider asking you to click a suspicious link and provide sensitive information. However, this doesn't necessarily mean there's been a data breach at your credit card company. These emails are often random and sent to anyone.
Phishing attacks frequently attempt to exploit users’ fears, curiosity, or helpfulness, sometimes with an element of urgency intended to prompt immediate action.
Unfortunately, the cost of running a phishing campaign is so low and the potential rewards are so high that phishing is part of the landscape of our digital lives. But there is one defense no hacker can overcome: the individual who refuses to engage with their message. If you don’t answer the call from “Scam Likely,” you won’t be a victim of that scam. If you don’t click on the email containing only a link sent by a college roommate you haven’t spoken to in three years, that virus won’t be installed on your computer.
How do I spot phishing?
If you receive a suspicious email that looks like it’s from us or a company claiming to be associated with us, don’t click links, download attachments, or reply to the message until you confirm it's legitimate.
- Approach with caution: Check all aspects of the email to confirm whether it's legitimate. This includes looking at the email sender's name and the accompanying email address. Sometimes phishing emails will have a glaring flaw like "email@example.com" or an abnormal typo in the body of the email. Also, mobile phones do not always show the complete sender’s email address. Lastly, if you weren’t expecting to receive a large sum of money or win a vacation to your dream destination, be suspicious of a message that says you have. (If something sounds too good to be true, it probably is.) Think of them as telemarketers.
- Stay calm and don't panic: Some phishing scams are designed to scare you and force you to take some form of action. They can range from saying you owe money to making legal threats to, most commonly, threatening to block access to your account. Make sure not to fall into this trap.
Always double-check: If a message seems to come from a service you use, contact them directly. In our case, you can email our Customer Support team with questions or concerns about your account or double-check the email came from us.
Please be careful with emails like this and remember to never type your Master Password on a website that is not Dashlane.com. Dashlane will never ask for your credentials or account information in an email.
If you're not sure if an email address belongs to us, compare it to this list of our official email addresses.
What if I suspect phishing?
Never click links, download attachments, or reply to a suspicious email.
If you receive what you think is a phishing attempt, please contact us and forward the email so that we can take the necessary security measures.
Making sure you're not phished and avoiding phishing attacks is like protecting against any other security issue. Always stay vigilant, continue to use strong passwords (including our password generator feature), and use a secure password manager like Dashlane for that extra security.
We’ve also created a "Phishing 101 Guide." This e-book covers how to educate employees about phishing, types of phishing, examples of real-world attacks, and a six-step action plan to prevent employees from taking the bait. It also features new statistics, examples, and visuals.