Don't be victimised by phishing scams! Below are several useful tips:

• Do not respond to emails asking for any personal or financial information.

Legitimate companies will never ask you to verify or provide any confidential information in an unsolicited email.

• Never log in or enter private information in a pop-up window.

Clicking on links within phishing emails may direct your browser to a legitimate web site while, at the same time, opening another pop-up window wherein you're asked to enter personal information. This makes it appear like the pop-up window is part of the legitimate site when, in reality, it is not. Don't enter your personal information in pop-up windows.

(Note: Yahoo!Xtra Yahoo! offers a Pop-Up blocker in our free Yahoo!Xtra Toolbar that blocks most unwanted pop-up windows from appearing.)

• Be alert for suspicious emails.

It's easy to forge an email and make it appear like a legitimate company sent it. When dealing with emails that pertain to sensitive information, it's best to err on the side of caution. Below are a few signs of phishy-smelling emails:

• Urgent account notifications that aren't addressed to you personally, but which require action on your part relating to your account(s).
• Customer notifications that contain incorrect spelling or poor grammar.
• Account/billing email notifications from credit card firms or other financial institutions that don't reference the last few digits of your account number, or that contain no specific details pertaining to your account/billing information or activity.
• Account notifications that are delivered to your Spam folder. (Note: While we do our best to deliver legitimate email to your Inbox, we may occasionally deliver legitimate email to your Spam folder. We encourage you to check your Spam folder periodically for legitimate email and, as always, practice caution when dealing with questionable or suspicious emails.)
• Be cautious when clicking on links within a suspicious email.

Most phishing emails contain a link that leads to an official-looking web page that requires the recipient to log in or enter some personal information. Though the web page may contain official logos and look exactly the same as the legitimate company's web site, any information submitted via these spoofed web page(s) will be sent to the perpetrators of the scam.

If you have any doubt regarding the authenticity of a web site you're being directed to in an email, we strongly recommend that you open a new browser and type the known URL of the company in the browser yourself, or call the company directly via telephone.