You just received what looks like an authentic and important e-mail from “My Account.” It informs you that your account will be suspended if you don’t immediately re-update your information at the indicated link. What do you do? Think quickly, they’re telling you to do it now. STOP! Then just press “delete.” You just received a “phishing” e-mail. Phishing is a scam where people send out e-mails that appear to be legitimate. They use logos and identity marks they’ve copied from authentic vendors in the hopes of stealing your personal information. Here are a few steps to help protect you from fraud and scams.

• Type in the URL. If you receive an e-mail with instructions to enter personal information, DON’T click the link. Most secure sites will include an “s” to safely and securely access the Web site or your account. Open a new Web browser (Internet Explorer or Netscape) and type in the site. (For example: https://www.account_etc.com/)
• A secure site that requires you to enter personal information should have "https" in the address. The "s" stands for secure. Rule of thumb: "https," = ok to enter personal information. No “s” = do NOT enter information.

1. Never share your password. Banks, merchants, etc. will never ask you for your password. Please change your password immediately and contact your account holder if you believe someone has learned your password.
2. Create a secure password. Use a combination of letters, numbers, and symbols. Avoid obvious items such as a nickname or birth dates. Don’t use common words or names.
   A strong password must combine three of the four different types of characters:
   • Upper case and lower case letters (A, B, C and a,b,c).
   • Numerals and Symbols (1, 2, 3 and @ # $ % ^ | [ ] \ : " ; ' < > ? , . /).
3. Keep each account password unique. While it’s more work to have a unique password for each account, using the same password for multiple Web sites increases the likelihood that someone could learn your password and gain access to all your accounts.

1. Look for a specific greeting. Authentic “vendors” will never send an e-mail with the greeting "Dear User" or "Dear Member." Legitimate e-mails will address you by your first and last name or the business name associated with your account. If you believe you’ve received a fraudulent e-mail, please forward the entire e-mail (including the header information) to the specific “vendor.”
   NOTE: The automatic reply you receive from vendors may not address you by name.
2. Don't e-mail personal information. Only share account information in your secure Web site account.
   Then there are those e-mails that appear to be Web sites. Some e-mails will look like a Web site in order to get you to enter personal information. Authentic “vendors” will never ask for personal information in an e-mail.
3. Don't download attachments. “Vendors” will never send you an attachment or software update to install on your computer.

1. Control physical access to your PC. Do what you can to prevent unauthorized persons from using your PC.
2. If you’re using your PC and need to walk away from it for any reason, log off or lock your workstation.
3. Report suspicious activity to the appropriate parties relating to your PC or the use of your PC and do so as quickly as possible. Promptly report suspicious activity relating to your online account access to your account holder.
4. Do not save passwords on Web sites or leave written notes with your password near your PC.