Phishing is online identity theft. Phishing involves an e-mail fraud method in which the cyber criminal sends out legitimate-looking email for the purpose of gathering personal and financial information from recipients. The messages appear to come from well-established and trustworthy Web sites such as a bank or financial institution. These messages ask for password, credit card, or other account updates

Always be careful about emails that ask for personal information, even if the email appears to come from an enterprise you do business with. Phishing web sites usually copy the entire look of a legitimate web site. This makes it appear genuine. Reputable organizations will never use email to request that you reply with your password, Social Security number, or confidential personal information. Be suspicious of any email message that asks you to enter or verify personal information, through a web site or by replying to the message itself. Never reply to or click the links in a message. If you think the message may be legitimate, go directly to the company's web site (i.e., type the real URL into your browser).  The other option is to contact the company to see if you really do need to take the action described in the email message.

What you can do

1. \tWhen you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Ethical companies do not ask for this information via email.
2. \tDo not email personal or financial information. Email is not a secure method of transmitting personal information.
3. \tReview credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges.
4. \tUse anti-virus software and keep it up to date.
5. \tBe cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
6. \tDo not click on hyperlinks in e-mails
7. \tVerify https (SSL) – When you pass sensitive information such as credit cards or bank information, make sure the address bar shows "https://" rather than just http://                                                                                                                                                                                                In addition, make sure that you have a secure lock icon at the bottom right hand corner of your Web browser.