3175x175(CURRENT).thumb.jpg.b05acc060982b36f5891ba728e6d953c.jpg)
1Password will warn users when it detects an unrecognized website that could be part of a phishing attack.
A successful phishing attack can cost a business an average of $4.8 million, according to research from IBM. To help reduce the risk of one succeeding, either at work or at home, 1Password is introducing a new phishing prevention feature that will watch for telltale signs of an attack, such as a website URL that’s slightly misspelled.
When a 1Password user clicks a link and opens a website with a URL that doesn’t match the one they have saved alongside login details, the 1Password browser extension will do two things. It won’t autofill their login credentials, and it will display a pop-up warning explaining that the current website’s URL “isn’t linked to a login in 1Password.”
The feature isn’t a foolproof way to stop phishing attacks from succeeding. Users can still choose to manually copy and paste their credentials into a suspicious website. But it will make them aware that they’re potentially dealing with a phishing scam with the hope that they will think twice and exercise more caution before proceeding.
The new phishing prevention feature is being rolled out to users starting today, but it could take several weeks for it to be available to everyone. For individual and family plan users, 1Password is enabling this feature by default once it’s available. For businesses it will need to be manually enabled by 1Password Admins.
Hope you enjoyed this news post. Feedback welcome.
Posted Friday 23 January 2026 at 4:04 am AEST (my time).
News posts... 2023: 5,800+ | 2024: 5,700+ | 2025: 5,700+
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.