Never respond directly to any unsolicited email that asks you to update or verify your personal information. Banks, stores and other legitimate businesses will never ask you to give this information via email, particularly following the advent of phishing.
If there is any doubt as to whether or not the email is from who it purports to be, contact the company immediately to confirm and clarify the request for information. Be sure to call a phone number from your statement. Calling the phone number in the email is probably a direct line to the identity thief.
Never click on a link in any such email. To do so would be to risk downloading malicious Trojan horse spyware, which will install keyloggers in your computer system. This would provide hackers direct access to all the personal data stored on your computer, which they will use for their own nefarious financial gain.
Never, ever fill out forms contained in an email that request personal information. The mere request for this information should ring a loud alarm bell. Phishers are able to use HTML to design very official-looking email messages. Any information entered into these forms goes directly to the phisher
Never trust links contained in unsolicited email. Phishers have devised ways to spoof legitimate website links. Common tricks that are used include misspelling web addresses or using sub-domains that include the name of a legitimate business.
An email link can also be “masked” in such a way that it displays a very official looking text-link to a legitimate company’s website, but clicking on it will take you to the phisher’s web site.
