To help reduce phishing risk, 1Password added an extra layer of protection and began rolling out a phishing prevention feature designed to stop users before they share passwords with scammers.
How 1Password phishing prevention works
When a user clicks a link whose URL doesn’t match a saved login, 1Password will not autofill their credentials. To avoid confusion, the product displays a warning message that prompts users to pause and reconsider before proceeding.
Source: 1Password
For individual and family plan users, the feature will be enabled by default when it becomes available. 1Password admins can enable it for employees in the Authentication Policies section of the 1Password admin console.
Phishing prevention ultimately hinges on employee decisions
Phishing attacks once stood out because of typos or sloppy design, but AI is making them harder to spot. A brief lapse in judgment can be enough to give sensitive information away.
According to a 1Password survey, 89% of Americans have encountered a phishing scam, and 61% say they have fallen victim to one. These attacks arrive through email, text messages, phone calls, social media, online ads, and even search results.
In the survey, 36% of workers admitted they had clicked a suspicious link in a work email, and weak password habits are still common at work. While companies can put many safeguards in place, phishing prevention ultimately comes down to whether an employee decides to click or not.
“Getting ahead of phishing attacks is all about communication, that’s what disrupts the scammer’s plan. The most important thing an employee can do if they receive a suspicious message is tell someone. A lot of attacks could be prevented by simply knocking on the cubicle next door and saying ‘hey, does this look right to you?’ If someone believes they’ve already been phished, they should notify IT immediately. Those are the skills you learn with good training, and they need to be constantly reinforced, so people remember them when they get those urgent, scary-looking messages,” said Dave Lewis, Global Advisory CISO, 1Password.