1. Don’t reply to, or click links within, emails that ask for personal, financial, or account information.
2. Check the message hea
ders. The ‘From:’ address and the ‘Return-path’ should reference the same source. If necessary, look at the expanded header as some phishing use vulnerable email servers to rout their messages.
3. Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste, or use bookmarks.
4. If on a secure page, look for “https” at the beginning of the URL and the padlock icon in the browser.
5. Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).
6. If you ever need to change your account information, such as your billing details or your password, you should always sign in to your account from the main login page of your trusted network (i.e. your bank’s main website) and make the changes directly within your account.