How to prevent Phishing attacks on WordPress site

I manage a site for a utility company that does not do their own online billing. Rather they host links to the third party that does it.

I wanted to protect against Phishing attacks with these links.

The first thing I was going to do was add a plugin for a Yubikey.

Will that be sufficient or should I also do something else? I was thinking about signing the links with a PGP key, but that may be too complex for the users of the site.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You cannot protect your clients from phishing. Only the final user himself can do that. And if the final user is stupid enough like a fish eating the byte from the hook, nobody can help him.

Or maybe you are not talking about phishig ...

phishing means the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Martyn SpencerSoftware Developer / Linux System Administrator / Managing DirectorCommented:
If you are looking to provide some degree of general protection on the Wordpress site, take a look at wordfence. As matrix8086 says, phishing is not something you can prevent on links that you host. I wonder if you are trying to prevent something else?
burnedfacelessAuthor Commented:
I think you are misunderstanding.

I'm worried about my site being hacked so that false phishing links to the 3rd party are displayed, so that they get personal information.
 Acronis Global Cyber Summit 2019 in Miami

The Acronis Global Cyber Summit 2019 will be held at the Fontainebleau Miami Beach Resort on October 13–16, 2019, and it promises to be the must-attend event for IT infrastructure managers, CIOs, service providers, value-added resellers, ISVs, and developers.

Martyn SpencerSoftware Developer / Linux System Administrator / Managing DirectorCommented:
We were not misunderstanding. We were answering the question as asked and I was asking for clarification. Now you have been specific, I can say that my suggestion to take a look at wordfence was appropriate. You will want to prevent admin logins except from authorised IP addresses if that is possible and you will want to vet any plugins you are using to make sure that they are in no way affecting your security. I think wordfence is a good starting point for you.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Wordfence and other solution that can help you to keep your site safe. You cannot protect only that links. You NEED and MUST to protect the hole site
burnedfacelessAuthor Commented:
Martyn SpencerSoftware Developer / Linux System Administrator / Managing DirectorCommented:
You're welcome. Happy to have helped :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.