Your brave anti-spam software works hard to defend your inbox from all those messages about enlarging… um…. various things. Even more important, your spam buster also helps protect you from less-embarrassing –but more dangerous– phishing scam emails. But not entirely safe. Just in case a big bad phishing scam does get through to your inbox, it’s important to know how to spot it.

1. Do they handle your money? Then they won’t ask for your info.

The companies that deal with your money can be counted on for a lot of things. Making mistakes on your monthly statement. Talking robotically on the telephone (even if they’re human). Sending you advertisements you don’t want. But one thing they can’t be counted on to do –because they never do it– is ask for your account information in an email. No company that deals in your finances will ask for your info via email. Ever. Not the bank, not the IRS, and not Paypal.

2. Check that the sender’s email address matches the company’s URL.

Whenever you receive an email from a secure financial organization, such as your bank or the ever-friendly IRS, be sure to check the email over carefully. Is the name of the organization misspelled in the email address, or not included at all? Is the appearance and language of the email official? (Just a hint: a title of ‘It’s time 4 U to renew UR account!’ is a dead giveaway.)

3. Check who’s getting the email. If there’s more than one address, get suspicious quick.

If a message you’ve received has aroused your suspicion, a quick way to check if it’s legit is to take a look at who it’s gone out to. If there’s more than one email address there, they’re probably not who they say they are– after all, major companies have a privacy policy to follow. Many lazy phishers simply blitz the Net, sending messages to hot_bad_muscles1, hot_bad_muscles2, all the way up to you at hot_bad_muscles2000.

4. Do the email’s claims catch your attention? Check it online.

One way phishing spam works is by trying to scare you into acting quickly. They’re going to delete your account. Or they’re going to kill you. Or they’re going to run over your dog. If the content of an email catches your attention and you feel you must take action, look into it first. The easiest way to do this is to Google a sentence or two from the email. If you find other people online talking about it, it’s garbage.

The big bad phisher will try to get under your skin– but just delete those suckers right out of your inbox.

5. Stop phishing in its tracks by reporting phishing scams to the company they’re pretending to be.

No major (or, heck, minor) company wants to be impersonated by someone looking to steal their clients’ info and even their identities. While most of them don’t actually care what happens to you (when is the last time your bank manager gave you a hug?), they do care how identity theft makes their company look. So be sure to advise an organization that their customers are being targeted by a phishing spam. They can send out warnings, button down security, and generally work to keep their clients’ info safe.

There are a lot of nasty characters creeping around on the Net. And some careless people do fall into their traps. Don’t be one of them. Instead, up the anti-spam security on your email server, keep your eyes peeled for bogus emails, and delete, delete, delete.