The reality of using the internet these days is that you will inevitably be phished at some time. Phishing has become a very lucrative enterprise. The U.S. Congress demonstrated how easy it is to represent yourself as the FBI in a hearing to plan how to deal with phishing. The objective is not to get caught by phishing.
The first thing you can do is to use your antivirus software to avoid phishing. Most of the best antivirus programs have a part of the program or an added program that directly addresses phishing and the methods people use for it. You need to keep your antivirus software as up to date as possible.
Of course, phishers can buy the same antivirus program too. They take the program apart and find the vulnerabilities and then use them to gain your personal information. This is why you need to be an active participant in preventing phishing.
Email is your worst enemy
You can create a list of accepted email senders in most email accounts. This allows the people you know to send email to your inbox and those that are not on your list go to spam. Do not think that a contacts list will totally prevent phishing because a phisher can access your contacts list very easily and not only do you harm but cause harm to all of your contacts.
You must realize that government organizations, banks, credit card companies, or any reputable business rarely will send you an email. If they do it is probably an ad. Reputable and safe businesses never ask you to email them personal information because they already have it.
Beware email with attachments or links
You cannot trust an email that has an official looking logo or signage. Anyone can get the logo that identifies them as a bank, the FBI, or a credit card company from the company’s website or Wikipedia. Just because the email has the picture does not mean the person that sent it is legitimate.
One of the best ways to prevent phishing is to verify. Call the company that is involved with a suspicious email and ask if they sent it. If the company did not send the email then you can forward the phishing email to them and let them handle the hassle of dealing with the police, FBI, or the NSA.
Letting a company do the work keeps you from being exposed to future phishing or even physical retaliation.
Most phishing comes from Africa, China, Russia, and parts of the Middle East, although there are phishers in every country. If you read the email you will probably see inconsistencies in the wording, language, or nuance of the message that will tell you that the person that sent the email does not really speak your native language very well.
Keep your information private
Keep your personal information private. You can do this by keeping any delicate personal information on paper and off of your computer. A file with all your passwords and credit card numbers is a gift you do not want to make to anyone.
Never send any personal information through email or any social networks. Most people should know this but many people still email information that can cost them a fortune.
Check any website for security before you give them any personal information. The address with http means that a website is secure. Do not bet your life savings on the protection of an http site alone. You can use VirusTotal, free security service, to verify that a website is indeed secure before you enter any personal data.
Do not respond to solicitations in chat rooms, on social media sites, or from entities that you would never expect to hear from, like the FBI or the CIA.
Most phishing messages can be identified because they are overly friendly and make an offer that is just too good to be true. Phishing depends on gullibility and greed to be successful. You need to develop a fine sense of disbelief in anything you get through email from people you do not know.
Use only one absolutely secure computer to do any business that involves money on. Using a computer that can be accessed by or has been used by a lot of people to do business on is an open invitation to phishers. The phisher is just sitting and waiting for their next victim on a public computer. Be smarter than this victim.