Phishing Prevention Tips

Use these practical tips to stay alert and protect yourself from online scams and phishing attacks.

Essential Tips to Stay Safe

Email Safety

  1. Always double-check the sender's email address before clicking anything.
  2. Hover over links to see where they really lead before clicking.
  3. Be suspicious of messages with poor grammar or urgent tone.
  4. Never share your passwords or sensitive information via email.
  5. Don't click on unexpected attachments — even from people you know.
  6. Report phishing emails to your email provider or IT team.
  7. Don’t trust emails that say “You’ve won” or “Urgent action required.”
  8. Never click “unsubscribe” links on emails you didn’t sign up for.
  9. Be cautious of unexpected emails from known contacts — their accounts may be compromised.
  10. Use email filters and spam detection settings to minimize exposure to phishing content.

Web Browsing

  1. Watch for lookalike domains (e.g., amaz0n.com instead of amazon.com).
  2. Ignore pop-ups that ask for personal information.
  3. Check for HTTPS and a valid certificate before entering login details.
  4. Be cautious when downloading software or browser extensions.
  5. Keep your browser and all extensions updated.
  6. Avoid logging into accounts using public Wi-Fi without a VPN.
  7. Install an ad blocker to reduce malicious pop-up risk.
  8. Bookmark trusted websites instead of typing the address each time.
  9. Don’t install unknown files or updates from unfamiliar websites.
  10. Use private browsing for sensitive activities when on shared computers.

Passwords & Account Security

  1. Use strong, unique passwords for each account.
  2. Enable two-factor authentication wherever available.
  3. Don’t reuse old passwords across websites.
  4. Review account activity regularly for unusual login attempts.
  5. Use a password manager to generate and store secure credentials.
  6. Educate others — phishing relies on uninformed targets.
  7. Keep your browser, antivirus, and OS up to date.
  8. Train yourself to recognize common scam patterns (bank alerts, fake invoices, etc.).
  9. Avoid using public devices to log into sensitive accounts.
  10. Set up account recovery options and keep them up to date.
Back to Top