Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information. 

How to tell if an email message is fraudulent

Here are a few phrases to look for if you think an email message is a phishing scam.

"Verify your account"

Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through email.

“If you don’t respond within 48 hours, your account will be closed.”

These messages convey a sense of urgency so that you’ll respond immediately without thinking.  Phishing email might even claim that your response is required because your account might have been compromised.

“Dear Valued Customer.”

Phishing email messages are usually sent out in bulk and often do not contain your first or last name.

“Click on the link below to gain access to your account.”

HTML-formatted messages can contain links to forms that you can fill out just as you would fill out a form on a Web site.  The links that you are urged to click may contain all or part of a real company’s name and are usually “masked,” meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.  Resting the mouse pointer on the link reveals the real Web address.

Follow these guidelines to protect yourself from phishing scams sent through e-mail:

1. If you think you’ve received a phishing e-mail message, do not respond to it.
   
   
2. Don’t click links in e-mail messages.
   Links in phishing email messages often take you to phony sites.  Avoid clicking a link in an email message unless you are sure of the destination.
   
   
3. Type addresses directly into your browser or use your personal bookmarks.
   If you need to update your account information or change your password, visit the Web site by using your personal bookmark or by typing the URL directly into your browser.
   
   
4. Check the security certificate before you enter personal or financial information into a Web site.
   Make sure the site is secure before you type.  In Internet Explorer, you can do this by checking the yellow lock icon on the status bar.  The closed lock icon signifies that the Web site uses encryption to help protect any sensitive, personal information that you enter.  Note this symbol does not need to appear on every page of a site, only on those pages that request personal information.
   If you don’t see the status bar at the bottom of your browser window, click View at the top of the browser, and then select Status Bar to activate it.
   
   
5. Don’t enter personal or financial information into pop-up windows.  One common phishing technique is to launch a fake pop-up window when someone clicks a link in a phishing email message.  To make the pop-up window look more convincing, it may be displayed over a window you trust.  Even if the pop-up window looks official or claims to be secure, avoid entering sensitive information, because there is no way to check the security certificate. 
   
   
6. Use the latest products and services to help warn and protect you from online scams. E-mail software with any-phishing capabilities can help identify and warn you about suspicious emails.