I wrote this for my friends and family and I thought I'd share it here:

Last week my wife got an email message that looked like it was from our bank. (The message had similar coloring and branding as our bank's) It asked her to go to another website and update her account information. It was a scam to try and get our bank account information. I thought I’d share with you all a few tips for avoiding email scams like this (and viruses, malware, and the like, sent via email):

  • A reputable institution, like your bank, will rarely, if ever, email you and ask you to update your personal information.
  • Whenever you get an email that looks suspect, it’s important to double-check where it’s from. When my wife received the email from our bank (supposedly), the sender was chaseonline.com (a bad guy), not chase.com (our bank). The website address of the email sender must exactly match the institution you do business with. If you aren’t sure, just go to your bank’s website (in this case) and update your personal information (don’t click the link in an email from some shady character).
  • When you receive an email that contains a link, hover over the link to see where it goes. If you’ve never heard of the site, don’t click the link.
  • Don’t open attachments in email messages that are vague, with subject lines like, “Did you get this?”, “Here you go…”, and so on, even if they are from someone you know. My friend's email accounts are compromised on a regular basis.
  • I recommend setting your email permissions (in Hotmail, for instance) to the most secure setting. This typically means that any message you receive from someone that isn’t already in your contact list goes to your junk email folder. You can then check your junk email folder periodically and move false positives to your Inbox.

A quick note about searching and surfing: Build a trusted network of sites for various subjects. For instance, when I want to check out movies, I go to the MSN movie site, or the Internet Movie Database, because I know these are reputable sites.

Tony