Phishing - How To Avoid It

There are several things that can alert you to a phishing e-mail.

  • Do you actually have an account with the organisation which is purported to be the sender?

  • Have they got your details correct (your name, your account number etc.)?

  • What is the return e-mail address?

  • Where does the “click here” link actually take you (check before you click)?

  • Are there a lot of spelling and grammatical errors (lots of phishers are from countries which don’t have English as a first language)?

Have a quick look at the phishing e-mail below.

phishing e-mail example

That e-mail arrived as I was typing this page - so it’s a pretty topical example. You might even see it yourself over the next few days and weeks. However, it’s only fair to warn you that I have seen much better attempts, including graphics, logos etc. which look very similar to those used by PayPal.

Anyway - let’s have a quick look at the warning signs:

  1. The “From” field does say PayPal - but this is easy to forge. Ignore it.
  2. The e-mail is not addressed to me by name. I know that PayPal always use my name when they send me an e-mail.
  3. The return e-mail address is not a PayPal e-mail address.
  4. If I hover the mouse over the “click here” link, the target URL will show up at the bottom of my browser. When I actually do this, the target URL looks nothing like a PayPal website or subdomain.
  5. A similar thing will happen if I hover the mouse over the “help” link near the bottom. The target URL will not be a PayPal domain or subdomain.
  6. I have read PayPal’s e-mail policy and I know that they would not ask me to submit any of my details in this manner.
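Warning signs 3 to 5 can also be checked without opening the e-mail in a browser at all. The sketch below is an added example, not part of the original page: the message in `SAMPLE` is constructed, `paypal.com` is assumed to be the domain you expect, and the function names are hypothetical.

```python
import email
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "paypal.com"  # assumption: the domain the real sender would use

# Constructed sample message (not the e-mail shown on this page).
SAMPLE = """\
From: PayPal <service@paypal.com>
Reply-To: PayPal <accounts@paypa1-verify.example>
Subject: Your account has been limited
Content-Type: text/html; charset="utf-8"

<p>Dear PayPal member, <a href="http://203.0.113.7/paypal.com/login">click here</a>.</p>
<p><a href="https://www.paypal.com.help-desk.example/faq">help</a>
<a href="https://www.paypal.com/signin">https://www.paypal.com/signin</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag, i.e. what hovering would reveal."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href)

def on_trusted_domain(host, trusted=TRUSTED):
    """True only for the trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)

def warning_signs(raw, trusted=TRUSTED):
    msg = email.message_from_string(raw)
    signs = []
    # Sign 3: replies go somewhere other than the organisation's own domain.
    reply = parseaddr(msg.get("Reply-To") or msg.get("From", ""))[1]
    if not on_trusted_domain(reply.rpartition("@")[2], trusted):
        signs.append(("reply-address", reply))
    # Signs 4 and 5: the real target of each link, whatever its text says.
    collector = LinkCollector()
    collector.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
    for href in collector.hrefs:
        if not on_trusted_domain(urlsplit(href).hostname, trusted):
            signs.append(("link-target", href))
    return signs
```

Note that the “From” header in the sample looks genuine and is deliberately not trusted, matching warning sign 1; only the reply address and the link hosts are compared against the expected domain.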

The golden rule to avoid being phished is never to click on the link within the e-mail. Be aware that if you click on the link and only decide on arrival that the site is a scam, the fraudsters might still be able to extract information from your PC or to load spyware onto your machine, even if you decline to enter information at that point.

Even if you think that the e-mail is probably genuine you are always safer to log into your account by using your web browser address bar or by clicking from your favourites list.

Also, just to be on the safe side, make sure you’re aware of the information policy of your important online accounts. Most reputable companies will have details of what type of information they will send you and what type of data they may ask you for by e-mail. More importantly, they will probably have clear guidelines about the types of information that they will not ask you for.

So here’s your plan:

  1. Be aware of your online accounts’ information policy guidelines.
  2. Never click on a “handy” link in an e-mail - always enter the site using your browser or favourites list.
  3. Forward a copy of the e-mail to the official site in question. Most of them will be happy to confirm that it’s a phishing attempt or, alternatively, advise that there is a real problem with your account. This will also help shut down the scammers faster.
  4. Delete any phishing e-mails you get immediately after forwarding to the “real” company. Once you’ve deleted them, clear out your “trash” folder to stop any accidental clicking in future.

Those 4 simple steps should be all you need to protect yourself against phishing. However, if you’re a worrier, or if you just want to get a bit more high tech, there are some other tools available.

Some online companies produce toolbars that tell you when you have strayed on to a dodgy website. eBay was one of the first to produce such a downloadable toolbar. The toolbar goes green if you are on an eBay website and red if the website is not associated with eBay.

Other independent firms such as Geotrust, Netcraft, Comodo, Cloudmark, and Phishing.net produce toolbars designed to work with Internet Explorer which use different methods to verify the sites you visit.

Some use a database of information produced by organisations like the Phish Report Network and Digital Phishnet, who collect information regarding online fraud.

Others refer to a list of known fraud sites, whilst others depend on a network of volunteers to generate a list of fraud sites based upon the e-mails they receive.

Statistics collected by the Anti-Phishing Working Group show that the average lifespan for a phishing site is a mere 5.7 days. The longest any phishing site is known to have lasted for is only 30 days. Therefore, any security based on a reference list must be a little tenuous. On the other hand, if you find yourself on a site which is a couple of years old, then you probably aren’t going to be phished.

But, as stated above, if you use a little common sense and apply the simple 4 step procedure to handle any phishing e-mails then you will probably be safe. If you want to learn some more facts about phishing, get some links to some useful sites and even check your “phishing IQ” then just click the link below:

Facts about phishing.......
