Phishing is when someone uses a fake email address, phone number, or social media account to trick you into giving away sensitive information like passwords and credit card numbers. In addition to keeping your passwords and data safe, Dashlane works to warn you when you might be in danger of getting phished.
We send alerts in several potentially risky situations depending on your device and your Dashlane plan.
Dashlane no longer sells Starter or Team plans. If you already have a Starter or Team plan, you can keep and renew your current plan or switch to a different plan.
| You get an alert if you... | Where? | Free | Premium | Friends & Family | Starter & Standard | Team/Business Business Plus |
||
| Visit a fake website that looks like the Dashlane site | Computer browser | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Paste login info to a site that's not associated with that login in your Dashlane account | Computer browser | ✓ | ✓ | ✓ | ||||
| Use Autofill in a potentially risky app | Android | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Autofill login info on a site or app that's not associated with that login in your Dashlane account | Android | ✓ | ✓ | ✓ | ||||
| Autofill login info on a site or app that's not associated with that login in your Dashlane account | iPhone/iPad | ✓ | ✓ | ✓ | ||||
Phishing alerts for fake Dashlane websites
This alert works in Chrome, Firefox, Edge, and Opera browsers.
We look actively for fake websites designed to look like the Dashlane website. If you ever click on a link for one of these scam websites, we send you to a warning page instead.
Select the checkbox on the warning page, and we'll automatically redirect you to our app if you click the same link again. Select Go to Dashlane to go immediately to the web app. You can also select the link to our blog to find resources for avoiding future scams.
Note: This phishing alert only works after you install the Dashlane extension in your browser and log in at least once. When you install the extension and log in, you download a list of websites we suspect are part of a scam. That way, we can warn you if you open any of these sites—even if you're not logged in to Dashlane.
If you want to report a phishing attack, you can get help through our support chatbot. Open the chatbot by selecting the Chat with bot icon, shown as a speech bubble, at the bottom of any Help Center page. In the chatbot, follow the prompts and enter a brief description.
Phishing alerts when copy-pasting login info
These alerts come with Dashlane Premium, Friends & Family, Team, Business, and Business Plus plans. These alerts don't come with Dashlane Free, Advanced, Starter, or Standard plans. The alert works in Chrome, Firefox, and Edge.
Dashlane autofills your saved logins on trusted websites as you browse the web. If we can't autofill your information, you can copy and paste your username and password from the Dashlane extension to the site you want to log in to.
With phishing alerts, we warn you if the site where you're pasting your login info isn't saved for that login in Dashlane. If you're sure you recognize the site, select Trust and paste, and we'll autofill your info. If not, select Don't trust or X and leave the site.
- The warning appears only once for each website unless you log out of Dashlane and log back in.
- The warning doesn't appear if you refresh the page after copying your login information but appears if you open a new page.
- The warning appears when you go to the HTTP version of a site saved in Dashlane as HTTPS. For example, if you have a login for https://amazon.com, you'll see an alert when using that login on http://amazon.com.
Phishing alerts on Android
Phishing alerts for risky apps on Android
Dashlane autofills your info when you log in to trusted Android apps. But we warn you if you're trying to autofill your info on a new app that looks potentially risky. We only show this warning if the app isn't already linked to the login in your Dashlane account.
Manage linked websites in Dashlane
You have two options when you see this warning:
- If you don't trust the app, select Cancel and search again for the app you want to log in to.
- If you trust the app, select Allow Autofill. If you don't want to see the warning again for this app, you can select Don't show me this again first.
Phishing alerts when autofilling login info on Android
Phishing alerts when autofilling login info on iPhone and iPad
Common questions about phishing
How can I spot a phishing attack?
Spotting a phishing attack can be difficult because the scammers try to disguise themselves as trusted sources.
You might get a message that looks like it's from a friend or your bank. People carrying out phishing attacks sometimes create an email address that's almost the same as the real email address of someone you trust. For example, you might get an email from no-reply@dashlane.io instead of an official Dashlane address like no-reply@dashlane.com.
Some phishing messages ask you to click a link to update your account information, verify a purchase, or reset your password. But the link leads to a fake website that looks like the real one. Scammers get access to any personal information you enter on the site.
Scammers might also ask you to download an attachment disguised as an invoice or an update to an app. But the attachment contains a program that gives the scammer access to information stored on your computer.
Other scams simply ask you to respond with your account details or credit card info.
Read our blog on why we'll never ask for login information in an email
More about how you can protect yourself from phishing
What can I do to prevent phishing?
Phishing emails look like official emails or real messages from someone you know. So sometimes phishing is hard to spot. But you can protect yourself in several ways whenever you open an email.
Be wary of requests for personal information: Official organizations usually don't ask for information like passwords or social security numbers in email. Dashlane will never ask for this information in an email or any other communication.
Check the sender's address: Scammers try to create email addresses similar to those of trusted sources, like banks or password managers. If you receive a message from Dashlane, make sure the sender is a Dashlane employee or one of these official email addresses:
- support@dashlane.com
- no-reply@dashlane.com
- dashy@dashlane.com
- success@dashlane.com
- jobs@dashlane.com
- webextension@dashlane.com
- opensource@dashlane.com
- breachreport@dashlane.com
Look for urgent or threatening language: Phishing emails use urgent language to get you to take immediate action. For example, they may claim your account will be closed unless you act immediately.
Look carefully at links and attachments: Make sure you know the email is legitimate before opening any links or attachments. Check links to make sure they go to the exact address of a real website.
Check the web address before entering your login details online: Only enter your Dashlane Master Password on our website. Log in through the Dashlane extension or go to dashlane.com and select Log in.
More steps to keep your account secure
2-factor authentication (2FA) is an added layer of prevention against phishing. Even if scammers have your login details, they can't get into your accounts without access to your mobile device when you have 2FA turned on.
If you think scammers have stolen your Dashlane Master Password or individual passwords, change any affected logins as soon as possible.
Create strong passwords with our Password Generator
Want to make your passwords the best they can be? Check out our blog post on password hygiene
Want to further protect your account? Check out our blog post on how to prevent ransomware attacks
Phishing alerts for Dashlane professional plans
We know admins of professional plans are especially concerned about phishing. Phishing alerts help you intervene at critical moments to protect your organization from data breaches and financial losses without investing in expensive anti-malware solutions.
We immediately notify your employees when they visit a website that we suspect is part of a scam. This prevents them from sharing sensitive information with people who want to harm your organization.
If your organization has a Team, Business, or Business Plus plan, we also warn your members in two other situations:
- When they're using a computer browser and copy-and-paste a username or password to a site that isn't saved for that login in Dashlane
- When they're using an Android or Apple mobile device and try to autofill login info on a website or in an app that isn't saved for that login in Dashlane
These alerts prompt employees to slow down and make sure they're entering their info on the right site.
When you launch Dashlane at your organization, phishing alerts require no extra setup and no activation on the part of your employees.
Want to know more about protecting your workplace from phishing scams?
Does the logo next to Dashlane’s name in my email inbox mean it’s official brand communication?
A Brand Indicator for Message Identification (BIMI) is the standardized way of discovering and publishing each brand’s preferred logo beside its email address. The logo confirms that you’re who you say you are and that the message is official brand communication. In your desktop inbox, you’ll see a blue checkmark icon.
With the rise of phishing attacks and fake information on the internet, BIMIs add a reliable layer of legitimacy to business communications.
Learn more about BIMIs in the Dashlane blog:
Dashlane Now Has a Brand Indicator for Message Identification (BIMI)