microsoftwarecontrol wrote:

> Also I learned, look at the link:
> if it is not start with "http://www."
> then it is a fake. I don't know why?

This is not good enough as a rule! Unless you are quite familiar with the
many ways URLs can be created and obfuscated, and with how your email
program can be tricked in displaying links that do something different from
what you would expect (using JavaScript etc.), the only safe way is to
/never/, /ever/ enter confidential information into a site for which you
didn't type the URL yourself into the browser.

Note that not even your favorites are completely secure -- they can be
injected. I don't know whether favorites can be removed or altered, but
they can be added. At least a few years ago that was possible.

And if you should receive a legitimate email from an institution you do
business with that contains a link and asks you to follow that link and log
in, you could send them a note asking them to remove that link from the
email and instead read up on phishing, and instead of the link add some
phishing education to their email...

Gerhard

-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist