How Passwarden Protects From Phishing

One of Passwarden’s prominent features is how easy it is to manage and use strong, unique passwords with it. However, that’s not the only benefit. Today, we’ll tell you how this password manager protects you from phishing - a dangerous type of cyber attack that’s aimed at stealing (or “phishing”) your passwords.

Defend against phishing with Passwarden

What is a Phishing Attack and How It Works

Phishing is at its core an illusion designed to trick you into giving away your login and password. A criminal sets up an evil twin of a popular website (e.g. social networks like Facebook, stores like Amazon, banking sites, etc.). Its purpose is to look identical enough to the original, so that visitors would try to sign in on this impostor site. 

Naturally, once you enter your personal information on such a site, the hackers collect it and can then exploit at their pleasure. Some will use it in a straight-forward manner, e.g. to access your banking account and transfer funds. Others may be more discrete, setting up multi-layered schemes to conceal the fact of the data breach. The latter are generally more dangerous, since the more time a hacker has before the breach is detected - the more harm it can do.

How a Phishing Attack Occurs

All phishing attacks have a similar pattern, making it somewhat easier to secure against. First of all, a victim receives a link to the evil twin site. This can occur in a few vectors:

  1. Often, you will receive an email with the link from someone claiming to work for the organization that owns the site - bank assistant, site administrator, service agent, etc.
  2. Alternatively, you can find the link on another site or service that either belongs to the hackers, or has been compromised by them

The thing about the link is that it’s always almost identical to the original, but something is a bit off. A wrong character here (facelook.com instead of facebook.com), a weird domain name there (facebook.com.example.com instead of facebook.com). On such a site, you will see a carbon copy of the original login screen. You enter your password... aaaand it’s gone. Password phishing successful!

How to Protect Against Phishing

The best protection that security professionals recommend is to avoid clicking any suspicious links in emails, messages, and on sites. The second best option is to double check the URLs of the sites where you are requested to sign in, especially if you’re redirected to them from elsewhere. Phishing attacks prey upon the unwary.

 

However, let’s face up to a simple fact - most internet users are pretty lazy =) Most likely, you’re not double-checking each and every link you click and URL you enter. So, what do?

How Password Managers Protect from Phishing

A password manager like Passwarden grants you reliable protection against phishing, as long as it has an Autofill feature. How so?

 

When you save a login for a website in Passwarden, it automatically remembers not only the password itself, but also the URL. So when you visit this website later, Passwarden knows to suggest the stored password. This means that, if you ever enter a site that you have certainly already visited, but Passwarden does not suggest a password to fill automatically - most likely it’s a phishing site. Passwarden won’t fall for the disguised URL.

 

Any time you notice that Passwarden isn’t offering to sign you in on a website, check why that is. It might be because you haven’t saved the password for the site in Passwarden yet, or the site blocks the autofill option. However, it also might signal that something is amiss and you’re not on the website you thought you were on.

Protect yourself from phishing with Passwarden

Try out Passwarden right now and grant yourself, your team, and your family reliable protection from phishing attacks.