1. Remember that if something sounds too good to be true, it probably is.
2. Ask yourself—why would you be singled out for a windfall or other special treatment out of the millions of other Internet users. If you can’t find a good reason, it’s probably a scam.
3. Don’t believe everything you read. Just because an email or website is presented attractively doesn’t mean that it’s telling you the truth.
4. Be patient. Too many users end up the victims of Internet crime because they do not stop to think, but instead act on impulse clicking on a “sexy” link or an interesting looking attachment without thinking of the possible consequences.
5. Unless you’re certain of a person’s identity and authority to request such information, never provide your personal information or information about your company/organization.
6. Don’t reveal personal and financial information in email. Be wary of emails that ask you to follow a link to enter such information.
7. If you think an email may not be legitimate, attempt to verify it by contacting the company or organization directly. But don’t use the contact information provided in the email to make contact, it could be bogus; look up the organization’s contact information yourself.
8. Double-check the URLs of websites you visit. Some phishing websites look identical to the actual site, but the URL may be subtly different.
9. Be cautious about sending sensitive information over the Internet if you’re not confident about the security of the website.
10. Be suspicious of unsolicited phone calls and emails that ask for information about your employees or other information. It could bea scammer calling.