Protect any recorded passwords. Be careful where you store the passwords that you record or write down. Don't store passwords on a file in your computer, since criminals will look there first. Also, don't carry passwords around in your wallet or hide them under your keyboard. A good rule to keep in mind is not to leave a record of your passwords anywhere that you would not leave information that the passwords protect.
Never provide your password over e-mail or based on an e-mail request. Any e-mail message that requests your password or requests that you to go to a Web site to verify your password is almost certainly a fraud. This includes requests from trusted companies or individuals. E-mail can be intercepted in transit, and e-mail messages that request information might not be from the senders they claim.
Don't trust the sender information in an e-mail message. Even if the e-mail message appears to come from a sender that you know and trust, use the same precautions that you would use with any other e-mail message. Fraudsters can easily spoof the identity information in an e-mail message.
Read before you click. A link in an e-mail message might promise to take you to site A, but will actually take you to site B. Most e-mail programs (such as Outlook 2007) show you the real target address, or URL, of a link when you hover the mouse over the link. Before you click a link, make sure to read the target address. If the e-mail message appears to come from your bank, but the target address is just a meaningless series of numbers, do not click the link. Make sure that the spelling of words in the link matches what you expect. Fraudsters often use URLs with typos in them that are easy to overlook, such as "micosoft."
Is it too good to be true? If a deal or offer in an e-mail message looks too good to be true, it probably is. Exercise common your common sense when you read and respond to e-mail messages.