When it comes to email, be a bit like Sly Stallone in the movie Lock Up.
Advising a new inmate on how to survive, Stallone's character, Frank, tells the inmate "DTA, man...Don't Trust Anybody."
Those are words of wisdom when it comes to emails that direct you to a site where you need to log in or emails that contain a built-in login form, another common phishing ploy.
If an email instructs you to visit a site to log in, start with the assumption that the email is a scam and then think through the possibility that the email might be legitimate.
Reputable online companies don't ask for sensitive information in an email, nor will they include a login form in an email.
But sometimes it's not clear whether an email is part of a phishing scheme. For example, here's an excerpt from an email sent by a hypothetical Web hosting firm, ispHeaven:
"ispHeaven was not able to process payment on your credit card. Please verify your credit card information on file with ispHeaven via your control panel at https://controlpanel.ispHeaven.com."
If you actually have an account with ispHeaven, you might be inclined to click on the link. But in doing so, you may be moving a few steps closer to being a phishing victim.
Our next anti-phishing tip helps you avoid becoming a victim when you are dealing with phishing schemes that are so good, they seem to be legit.
Tip 2: Choose an Alternate Route >>
