Be suspicious of any email requesting for personal financial information.

Do not use links in email, instant message, or chat to get to any website where the source of the message is suspect or might not be authentic or from unknown sender. Go to the website directly by typing in the web address in your browser.

Avoid filling out forms in email that ask for personal financial information. Communicate such information only via a secure website or telephone.

Always ensure the website is secured when submitting sensitive information via web browser. "Phishers" are now able to 'spoof,' or forge the "http://" that is normally seen on secured web server and a legitimate address. "Phishers" can also forge the yellow lock that is normally seen near the bottom of your screen on a secure site. This lock displays the security certificate for the site. Do not continue if the web address of the website does not match with the certificate.

Make it a habit to look at the web address line to ensure that you are on the website you wanted to go to.

Regularly login to your online account(s) to check them.

Regularly check your statement(s) to ensure that all transactions are legitimate. Contact your bank(s) or issuer(s) if you see anything suspicious or you do not recognise the transaction.

Ensure that your browser is up to date and security patches are applied.

Always report "phishing" e-mails to your bank(s) / issuer(s).

Notify your bank(s) / issuer(s) and ask them to flag your account and contact you regarding any unusual activity. Close the account(s) if it / they was / were set up without your consent. Change your username or password if they have been compromised.

Contact the police to file a report.

Document the names and phone numbers of everyone you speak to regarding the incident. Follow-up your phone calls with letters. Keep copies of all correspondence.