Lets say it is . I just got home and I am tired. I check my email and my bank says there is a major problem with my account. They tell me that I must click on this link to solve the issue. I then see my bank's website and I type in my password and username and hit enter, but nothing happens.
I have just been taken in by a scam. The website looked legitimate but if I had a way to look back at the address with some tools, I would have seen that it was fake.
Phishing is a type of scam that uses scare tactics to get you to give up information. Some basics: first I should have looked at the salutation. The fake ones will usually say Dear [your email address]. The bank knows my name so they will use it. Next it will ask me to click on a link. The problem is that you can make a link look like whatever you want. It is recommended that you never click the link but instead go directly to the website in question. If there is trouble they will let you know!
Spoofstick is another tool for your utility belt that will help you spot the criminal element. When downloaded it becomes part of your browser. It will tell you if you are on the real website or not. I recommend that you go to their website and read through the examples.
Remember if you get a warning email, keep a cool head and think first, then go to the website directly. Give it a try!