Phishing is a con game that scammers use to collect personal information from unsuspecting users. The false e-mails often look surprisingly legitimate, and even the Web pages where you are asked to enter your information may look real. However, the URL in the address field can tell you if the page you have been directed to is valid or not. For example, if you are visiting an Web page on eBay, the last part of the domain name should end with "ebay.com." Therefore, "http://www.ebay.com" and "http://cgi3.ebay.com" are valid Web addresses, but "http://www.ebay.validate-info.com" and "http://ebay.login123.com" are false addresses, which may be used by phishers. If URL contains an IP address, such as 18.104.22.168, instead of a domain name, you can almost be sure someone is trying to phish for your personal information.
If you receive an e-mail that asks that you update your information and you think it might be valid, go to the website by typing the URL in your browser's address field instead of clicking the link in the e-mail. For example, go to "https://www.paypal.com" instead of clicking the link in an e-mail that appears to come from PayPal. If you are prompted to update your information after you have manually typed in the Web address and logged in, then the e-mail was probably legitimate. However, if you are not asked to update any information, then the e-mail was most likely a spoof sent by a phisher.
Most legitimate e-mails will address you by your full name at the beginning of the message. If there is any doubt that the e-mail is legitimate, be smart and don't enter your information. Even if you believe the message is valid, following the guidelines above will prevent you from giving phishers your personal information.