Yeah…you guys and girls are probably pros at this stuff by now. I figured I’d do this for the folks who want to check the topic out – especially since Yahoo’s email got hacked. Also, it isn’t a bad thing to be reminded of from time to time.
First, always be suspicious. You’ll see an email purporting to be a prize, or a ‘fix’ for a problem – like a patch for software, or against malware, or of account compromise. That’s the hook. There will be a link in the email. Don’t click on it. Ever. Instead, go the firm’s genuine website and look for warnings about that ‘compromise’. Also, you can ‘mouse over’ the link. Look at the true url which will appear. If it doesn’t look like that software’s url, report the email as a phishing attempt. Microsoft doesn’t notify about patches, etc. through emails. You’ll never win a contest you didn’t enter. Really.
Next, check the spelling, grammar and date. Any mistakes, it’s very likely bogus. The date thing? Make sure it is in our format (Month/day/year) and not some other format
Browser extensions like Web of Trust and those belonging to security suites like BitDefender and others. These can give an indication of the trustworthiness of sites previously reported to them. That means others have fell for it and reported back. That might come too late, however.
Don’t fill out any forms asking for passwords or personal info.
In the source I used to prepare this post, they suggested that if you use a smart phone, you can click on the link. I wouldn’t recommend doing that. There are malware apps which have been designed for Android and iOS. Better to just report the suspicious email.