Do not open an attachment unless you trust the source.
- Do you know the person who is sending you this file? If not, don’t open it. E-mail addresses can be “spoofed” – the “from” address can be faked.
- Once the message is open does the content match the sender? If not, send it back and ask for clarification.
- Does it make sense that they are sending it to you? If not, send it back and ask for clarification.
- Microsoft NEVER sends operating system patches as e-mail attachments. They will ask you to visit the Microsoft Web site to download any software.
Sending Personal Information
E-mail is not secure. Think of it as sending a postcard written in pencil. As the card is delivered it makes numerous stops and can be altered or read by various people. Personal information should never be sent via e-mail – ssn, credit card, name, phone, address, and date of birth in combination. Don’t send anything you wouldn’t want on a billboard.
“Phishing is a scam where the perpetrator sends out legitimate-looking e-mails appearing to come from some of the Web's biggest sites, including eBay, PayPal, MSN, Yahoo, BestBuy, and America Online, in an effort to phish (prounounced "fish") for personal and financial information from the recipient.”
Examples would be a message from your bank that asks you to update your account information. You click on the link, the legitimate bank site opens, then a page opens up on top asking you for your account info. This info page DOES NOT belong to the legitimate site. If you fill out your personal information and submit it, the info will go to the “phisher” to be sold or used to steal your identity.
Source: searchSecurity.com Definitions