1Password Adds Pop-Up Warnings for Suspected Phishing Sites

The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing account credentials with threat actors. Like all tools of this kind, 1Password will not fill in a user’s login data when visiting a website with a URL that does not match the one stored in their vault. While this provides intrinsic protection against phishing attempts, some users may still fail to recognize that something is wrong and attempt to enter account credentials on dangerous pages.

To address this security gap, 1Password users will benefit from an extra layer of protection in the form of a pop-up alerting them of potential phishing risk. The new feature will be enabled automatically for ‘individual’ and ‘family plan’ users, while admins may activate it manually for company employees through the Authentication Policies in the 1Password admin console.

In its announcement, 1Password highlights that the phishing threat has increased with the proliferation of AI tools that help attackers perpetrate more convincing scams at a higher volume. A survey conducted by 1Password in the U.S. showed that 61% had been successfully phished and that 75% do not check URLs before clicking links. Additionally, almost half of the survey participants responded that phishing protection is the responsibility of the IT department, not theirs, and 72% admitted they had clicked suspicious links.

To read the complete article see: Bleeping Computer.