Review these 5 essential tips to avoid being "Phished":
- Passwords in Email = Epic Fail. Never send your passwords in an email!
- If you didn't expect it, reject it. Don't click unexpected links!
- Hover to Discover. Look out for deceptive links!
- Check for Trash Before the Slash. Verify "https://auth.berkeley.edu/" in your browser bar before entering CalNet credentials!
- Is it a Phish? Drop us a line.
- If you are worried about an account, call the organization which maintains it (like your bank)
- Check the email address—does it really match the text of the email? Does it match the legitimate email of the organization it is supposed to be tied to?
- Check the security certificate of any website into which you are entering sensitive data. They should usually begin with https:// Some browsers will display padlock symbols in the address and status bars. Anything on a website saying it is safe can be falsified and is not verified by the browser you are using, and so shouldn’t be trusted
- Keep your software current
- Install antivirus software