Dashlane’s AI model alerts businesses to phishing risks

Dashlane introduced AI phishing alerts, an advancement to the Dashlane Omnix platform that protects enterprises and users against threats targeting user credentials.

Trained by Dashlane on both legitimate and phishing sources, the new innovation detects and alerts users to phishing risks the moment they visit a suspicious website, while giving admins the insights to secure employees against phishing domains.

AI has made it even easier for threat actors to continually evolve their tactics to evade phishing detection tools, with 74 percent of IT leaders reporting that AI poses an increased threat to password security. AI phishing alerts augment traditional phishing protection and training by prompting users to verify the legitimacy of a site in real-time, regardless of how they arrived there. This acts as the last line of defense against phishing attacks, even those surpassing conventional controls, before credentials are entered.

“Defenders have to match the speed of attackers if they’re going to be successful in this AI era,” said Christophe Frenet, CPO at Dashlane. “The strength of our AI phishing model lies in its capability to proactively and dynamically catch threats, both known and unknown, helping enterprises to build phishing resistance. This adaptability is more important than ever as spoofed sites can be spun up and taken down faster than traditional methods like maintaining static block lists can support.” 

An intelligent, agile model

In contrast to rule-based filters or reliance on a threat intel database, Dashlane’s AI phishing alerts leverage an AI model that analyzes 79 phishing indicators in real-time, such as hidden login forms, external link ratios and concealed iFrames, to determine whether a domain is potentially malicious. Analysis occurs directly on the user’s device, ensuring complete privacy protection.

“For security teams that are strapped for resources, combating the rise of AI-enabled phishing campaigns can feel like a daunting task,” said Joanna Chen, CISO at Dashlane. “In these situations, end users are often the first and last line of defense. Having the right tooling in place can help protect users from falling prey to these types of attacks.”

The model builds upon the innovation and privacy protection built into Dashlane’s AI-powered autofill, which is trained to adapt to the millions of websites on the web to deliver a seamless user experience.

Enterprise-wide credential protection

AI phishing alerts accelerate Dashlane Omnix’s ability to proactively uncover and combat human risk, from the initial phishing threat to the ongoing secure management of credentials. While traditional password management is often limited to monitoring credentials stored within the vault, which leaves blind spots for employees who aren’t actively using the product, the Dashlane Smart Extension can now proactively address these shadow IT gaps and resolve at-risk credentials for every employee.

Building a phishing-resistant enterprise

Dashlane’s AI phishing alerts are the company’s latest advancement towards building phishing resistant enterprises. Dashlane recently announced it was the first credential manager to enable phishing resistant FIDO2 security keys as a primary authentication factor for passwordless vault access. This feature will be generally available for businesses later this year. The company also launched advanced protection of passkeys with confidential computing, as part of the Dashlane Secure Cloud.