Tips on How to Avoid Phishing

Got an email from Google today about how you can avoid phishing, which is defined by Wikipedia as “an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.”

Here are the tips offered in the Google email:

  • Don’t reply to or click on links in emails that ask for personal, financial, or account information.
  • Check the message headers. The From: address and the Return-path should reference the same source.
  • Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste or use bookmarks.
  • If on a secure page, look for “https” at the begging of the URL and the padlock icon in the browser.
  • Keep your computer’s antivirus, spyware, browser, and security patches up to date and regularly run system scans.
  • Review your accounts regularly and check for unauthorized activity.
  • Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).

A related article by Walter Mossberg was also published at WSJ today, How to Avoid Cons That Can Lead To Identity Theft.