Phishing is when someone uses a fake email address, phone number, or social media account to trick you into giving away sensitive information like passwords and credit card numbers. In addition to keeping your passwords and data safe, Dashlane works to warn you when you might be in danger of getting phished. Depending on your plan, we send you alerts in two potentially risky situations.
|You get an alert...||Free||Advanced||Premium||Friends & Family||Starter||Team & Business|
|If you visit a fake website that looks like the Dashlane site||✓||✓||✓||✓||✓||✓|
|If you copy and paste login information that you've saved in Dashlane to a website that's not associated with that login in our app||✓||✓||✓|
How can I spot a phishing attack?
Spotting a phishing attack can be difficult because phishers try to disguise themselves as trusted sources.
You might get a message that looks like it's from a friend or your bank. Phishers sometimes create an email address that's almost the same as the real email address of someone you trust. For example, you might get an email from firstname.lastname@example.org instead of an official Dashlane address like email@example.com.
Some phishing messages ask you to click a link to update your account information, verify a purchase, or reset your password. But the link leads to a fake website that looks like the real one. Scammers get access to any personal information you enter on the site.
Scammers might also ask you to download an attachment disguised as an invoice or an update to an app. But the attachment contains a program that gives the scammer access to information stored on your computer.
Other scams simply ask you to respond with your account details or credit card info.
Phishing alerts for Dashlane Starter, Team, and Business plans
We know admins of Dashlane Starter, Team, and Business plans are especially concerned about the dangers of phishing. Phishing alerts help you intervene at critical moments to protect your organization from data breaches and financial losses without investing in expensive anti-malware solutions.
We immediately notify your employees when they visit a website that we suspect is part of a scam. That way, we prevent them from sharing sensitive information with people who want to harm your organization.
If your organization has a Team or Business plan, we also warn your members when they copy-and-paste a username or password to a site that isn't saved for that login in Dashlane. This alert prompts employees to slow down and make sure they're entering their info on the right site.
When you launch Dashlane at your organization, phishing alerts require no extra setup and no activation on the part of your employees.
Want to know more about protecting your workplace from phishing scams?
Phishing alerts for fake Dashlane websites
This alert works in Chrome, Firefox, Edge, and Opera browsers.
We look actively for fake websites designed to look like the Dashlane website. If you ever click on a link for one of these scam websites, we send you to a warning page instead.
Select the checkbox on the warning page, and we'll automatically redirect you to our app if you click the same link again. Select Go to Dashlane to go immediately to the web app. You can also select the link to our blog to find resources for avoiding future scams.
Note: This phishing alert only works after you install the Dashlane extension in your browser and log in at least once. When you install the extension and log in, you download a list of websites we suspect are part of a scam. That way, we can warn you if you open any of these sites—even if you're not logged in to Dashlane.
We're always looking for new phishing scams and ready to add to the list of fake websites that redirect to our anti-phishing page. If you think you've been the target of a new phishing scam, contact us and share the website.
Phishing alerts when copy-pasting login info
The feature currently comes with Dashlane Premium, Friends & Family, Team, and Business plans. This alert does not come with Dashlane Free, Advanced, or Starter plans. The alert works in Chrome, Firefox, and Edge.
Dashlane autofills your saved logins on trusted sites as you browse the web. If we can't autofill your information, you can copy and paste your username and password from the Dashlane extension to the site you want to log in to.
With phishing alerts, we warn you if the site where you're pasting your login info isn't saved for that login in Dashlane. If you're sure you recognize the site, select Trust and paste and we'll autofill your info. If not, select Don't trust or X and leave the site.
Note: The warning will show up only once for each website unless you log out of Dashlane and back in again. The warning doesn't appear if you refresh the page after copying your login information but should appear if you open a new page. The warning only works on HTTPS sites—not HTTP sites.
What you can do to prevent phishing
Phishing emails look like official emails or real messages from someone you know. So sometimes phishing is hard to spot. But you can protect yourself in several ways whenever you open an email.
Be wary of requests for personal information: Official organizations usually don't ask for information like passwords or social security numbers over email. Dashlane will never ask for this information in an email.
Check the sender's address: Phishers try to create email addresses similar to those of trusted sources, like banks or password managers. If you receive a message from Dashlane, make sure the sender is a Dashlane employee or one of these official email addresses:
Look for urgent or threatening language: Phishing emails use urgent language to get you to take immediate action. For example, they may claim your account will be closed unless you act immediately.
Look carefully at links and attachments: Make sure you know the email is legitimate before opening any links or attachments. Check links to make sure they go to the exact address of a real website.
Check the web address before entering your login details online: Only enter your Dashlane Master Password on our website. Log in through the Dashlane extension or go to dashlane.com and select Log in.
If you have any doubts or questions, contact Customer Support.
More steps to keep your account secure
2-factor authentication (2FA) is an added layer of prevention against phishing. Even if scammers have your login details, they can't get into your accounts without access to your mobile device when you have 2FA turned on.
If you think scammers have stolen your Dashlane Master Password or individual passwords, change any affected logins as soon as possible.
Want to make your passwords the best they can be? Check out our blog post on password hygiene
Want to further protect your account? Check out our blog post on how to prevent ransomware attacks