Of course, in order for a phisher to send you a phishing email, they have to have your email address. So it's a smart move to protect your email addresses and thereby avoid ever being in a situation where you can be phished.
Phishers get emails in the same way that spammers do. They may use inexpensive software that crawls Websites looking for email addresses. They create Websites and trick you into registering with your email address. They buy email databases from other spammers. Some even deploy nasty software viruses that raid contact databases and steal email addresses or they hack into third-party databases that contain your email address.
It's best to be very hesitant in disclosing your email address publicly. Putting your email address on your Website, for example, is a sure-fire way to start getting more spam and more phishing emails. The FTC reports that 86 percent of email addresses posted to web pages receive spam. Don't do it! Instead, use Web-based forms to allow prospects and others to send you emails without ever knowing your email address.
If you need to disclose an email address — for example, to subscribe to an industry e-newsletter — consider creating a new email address that is used exclusively for that newsletter but forwards to your email inbox. For example, you might use a generic email such as nospam@yourbusiness.com or you could use a specific one such as tradenewsletter-006@yourbusiness.com.
Always keep notes on which emails you give to which organizations, as this can help you determine what organizations are giving away your email addresses to spammers and phishers. If you get an email that seems to be from your bank, yet it's sent to, for example, tradenewsletter-006@yourbusiness.com (an email address you've never given to your bank), you know immediately that something's wrong.
Protecting your email addresses is half the battle, but that's not all you can do to stop the phishers.
Tip 4: Change Passwords Frequently >>
