The vast majority of phishing messages are delivered via e-mail or social networking sites.
- Usually, websites do not send e-mails asking you to visit and log in to the site.
Such a request should put you on alert; it is always worth confirming the authenticity of the message by contacting the site administrators.
Banks and financial institutions never send letters asking you to disclose (enter in a form) any data (login, password, card number). Attempts at impersonation should be reported to the persons responsible for security.
- Do not open hyperlinks directly from a received e-mail. It is relatively easy to modify a link so that it appears to point to an authentic website but actually leads to an unauthorized, spoofed site.
- Regularly update the system and software, in particular the e-mail client and web browser.
- Personal data such as passwords, credit card numbers, etc. should never be sent via e-mail. E-mail requests for a login and password should be ignored and reported to the appropriate persons.
- Banks and financial institutions use the HTTPS protocol wherever it is necessary to log into the system. If the address of the login page does not use HTTPS, this should be reported to the bank and no data should be provided there.
- It is not recommended to use older Internet browsers (e.g. Internet Explorer 6), which are often prone to various errors. Alternatively, one may use other programs, such as Mozilla Firefox, Opera, or Internet Explorer 9 and 10 (whose latest versions are equipped with anti-phishing filters), or third-party software that protects against phishing.