• Be wary of generic greetings like "Dear Valued Customer", "Dear Valued Member" or "Dear <company name> member". Most phishing e-mails are generic since they are sent out in bulk, so they usually don't use your first or last name.
• Be cautious of a suspicious-looking sender's address. Look for e-mail addresses that don't have the company's name in the address. But be aware that sophisticated frauds may forge e-mail addresses in the "From" field. This field is easily altered to mimic legitimate e-mail addresses.
• Be suspicious of urgent demands for information. One example of this type of messaging would be "..confirm your account by the following link or else your account will be suspended within 24 hours for security reasons".
• Watch out for e-mails that request personal information such as social security numbers, credit card numbers, user names, passwords, or other private information. Reputable businesses generally do not request personal information by e-mail.
• Look out for disguised Web site links. Move your mouse pointer over the link in the e-mail to display what Web site address it will actually go to if clicked. This may help identify a fraudulent site, but don't assume that the site is legitimate just because it contains the company name. A disguised link can still have the name of the company in it.

Figure 1: Disguised web site link example

• Watch for an @ sign in the middle of the Web site link in an e-mail as an indication the Web site is a fake. Most companies use a domain name like the following address: https://www.company.com.
• Look for grammatical errors or misspelled words in the e-mail message or the link to the Web site.

• Never respond to e-mails that request personal and financial information.
• Visit Web sites by typing the URL into the address bar or use a link from your "Favorites" or "Bookmarks".
• Keep a regular check on your accounts.
• Make sure any web site requesting personal information is secure. https should be at the beginning of the Web site address where you enter personal information. The "s" stands for secure. If you don't see https, it is not a secure, and you should not enter personal information.
• Help keep your computer secure by using up-to-date security and anti-virus software.
• Contact the company directly if you are suspicious of an e-mail.
• Check the security certificate when entering personal or financial information to verify the identity of the Web site. Double-click the yellow lock icon (Figure 1) on secure sites to view certificate information. Make sure the company listed after Issued to on the General tab matches the web site you are entering information.

Figure 1: Secure site lock icon

	Note:
	If you don't see the Status Bar at the bottom of your browser window, it needs to be enabled. At the top of the browser window, click View, and then click Status Bar to enable it.

• Don't enter personal or financial information into pop-up windows since they are not secure.
• Keep your Microsoft® Windows® software up to date with automatic Windows Update.
• Don't open unexpected file attachments received in e-mail. Like fake links, attachments are often used in spoof (fraudulent) e-mails and can be dangerous. Opening an attachment in a phishing e-mail could cause you to download spyware or a virus.

In an effort to stop criminal activity, the Federal Bureau of Investigation has requested that you report any fraudulent e-mail that you receive by filing a complaint at the following Web address:

http://www.ic3.gov

For additional information on Phishing, browse to the following Web sites:

Support Options

If you need assistance beyond what is provided in this article you can visit the Dell Community Forums, e-mail or chat with a Dell representative.