The sender is attempting to trick the recipient into revealing confidential information by "confirming" it at the phisher's website. Note the misspelling of the words received and discrepancy. Such mistakes are common in most phishing emails. Also note that although the Web address of the bank's webpage appears to be true, it actually links to a phisher's webpage.


How to avoid the Hook, Line and Sinker

1) Don't use the links in an e-mail to get to any Web page if you suspect the message might not be authentic. Instead, telephone the company or log onto the Web site directly by typing its Web address in your browser.

2) Don't give your credit card numbers or account information unless you're using a secure Web site or the telephone. Check the beginning of the Web address in your browser's address bar. A secure site should show as "https://" rather than just "http://".

3) Beware of e-mail attachments. Don't open them or download any files, regardless of who sent them.

4) Check your bank and credit card statements online on a regular basis. Make sure the transactions are legitimate. Don't wait for a mailed paper statement, which can take up to a month. If you see something suspicious, contact your bank and all card issuers using a phone number you know to be legitimate or by typing in a secure Web site URL into the Internet browser address bar.

5) Use anti-virus software and keep it up to date. Anti-virus software and a firewall can protect you from inadvertently accepting unwanted key-logger files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

6) Keep your computer's operating system up to date and download security patches. These free software patches for your operating system close holes that hackers or phishers could exploit. (You can check for Microsoft patches here: http://www.microsoft.com/security/).

7) Consider installing a Web browser tool bar to help protect you from known phishing fraud Web sites. The MSN Search Toolbar offers a Microsoft Phishing Filter service add-in that offers dynamic warning and blocks fraudulent Web sites using up-to-the-hour information. EarthLink ScamBlocker alerts you before you visit a page that's on Earthlink's list of known phisher Web sites. Ebay offers a free toolbar that warns you when you might be on a spoofed eBay site.

8) Report the attacks by forwarding the phishing e-mail to the following addresses: spam@uce.gov, reportphishing@antiphishing.org and to the "abuse" e-mail address at the company that is being spoofed (e.g. "spoof@ebay.com").