Bob Parsons at the Hot Points blog discusses Phishing:
There’s a new way to steal your identity. There’s a trick used to steal people’s credit card information that’s been in use for about one year. It’s called “Phishing” -- the word is fishing spelling with a “ph” instead of an “f”. And it’s very easy to fall prey to, if you don’t know what to look for.
Phishing is not only used to steal credit card information, but it’s also used to steal people’s entire identity.
If you don’t know how to detect Phishing, your personal info will be stolen.
You need to be aware of what Phishing is, and how to detect and protect yourself from it. It’s important that you read and make it a point to understand the rest of this article. If you don’t, you can be very sure that your credit card information (and quite possibly your identity) will be stolen.
How Phishing works.
Phishing begins when a crook creates an email that looks like it was sent from a reputable company. The emails that are sent look very real -- down to the smallest detail. They are created by professionals that are in the business of stealing your information and turning it into cash.
How to detect Phishing.
So how do you tell if an email being sent to you is a Phishing attempt? Fortunately, there are a number of rules you can follow and they are very simple:
1. Assume any email requesting that you verify your credit card, password or other information -- is Phishing. You need to be disciplined about this, because the crooks will use all sorts of 'alarming' reasons to get your data. They’ll say someone else accessed your account, or there’s been suspicious activity in your account. Ignore all of this. If you have to mitigate the concern, then do so by following the next rule.
2. Do not visit a company’s website by clicking on the link in the email. Instead, simply type that company’s web address into your browser. That way, you’re much more assured of going to the company’s real website, and not a sham website setup by some crook.
3. If you receive an email that simply does not contain your name, but instead refers to you as "Dear Customer", or doesn’t refer to you at all –- you should assume that it’s Phishing.