phishing

Phishing is The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.

To avoid getting hooked:

• Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser — phishers can make links look like they go one place, but that actually send you to a different site.
  
• Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice over Internet protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.
  
• Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
  
• Don't email personal or financial information.
  
• Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
  
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

source:http://www.smh.com.au/news/web/aussies-still-ignorant-about-phishing/2007/10/04/1191091252153.html