Here are 10 antiphishing tips from Cloudmark, in association with Carnegie Mellon University:
1. Do not open e-mails from unknown senders. (Spam e-mails can contain reply scripts that inform spammers that your e-mail
account is active and that you click links.) Instead, delete and expunge them from your inbox.
2. Do not assume the e-mail came from the person in the "from" field of the e-mail. E-mail addresses are often
and easily spoofed.
3. Never open an unsolicited attachment or click a link without verifying the sender.
4. Do not enter personal information on Web pages unless you know the site and it is necessary. You should also avoid
putting personal information (for instance, phone number, snail address, social security numbers, and so forth) on social
networking sites such as MySpace and Facebook. The more personal information you put on the Web, the easier it is to steal
5. Choose different passwords between school applications, social nets, banks, and so on. and change them every 6 to 12
6. E-mail claiming that there is a problem with an account, that you owe money, or that you are owed money, should be
validated with a phone call or an e-mail to the appropriate party. Never use the information in the e-mail for contacting
the party, look it up yourself.
7. Use an alternate e-mail address for your banking information that you do not share elsewhere. This will help you to
avoid confusion when receiving inbound e-mails regarding banking accounts and also better protect your personal information.
8. Set up a spam filter that will weed out e-mails with malicious coding (designed to infiltrate or damage your computer
without your consent).
9. College students and faculty should install protection software before they get to campus. Students bring laptops infected
with all sorts of contagions to the interior campus network, circumventing all firewalls and edge defenses.
10. Be proactive and stay aware of current e-mail scams. Many educational institutions and IT publications report on current
trends and spreading e-mails scams.