Criminals and hackers have been extremely sophisticated in creating phony, but authentic looking e-mails that seemed to have originated from legitimate companies. If you receive an e-mail that you believe to be a phishing attempt, do not reply to it since by doing so will just validate the e-mail address is correct. Trust me, you do not want that to happen.
For those who are not aware of the term “Phishing” (pronounced “fishing”), it is a type of online identity theft that uses email and fraudulent websites that are designed to steal your personal data or information. You may have seen these type of emails show up in your inbox before.
Instead, your best course of action it to submit phishing e-mails received at work as an attachment (do not forward the e-mail) to your security department or simply delete it. If you receive phishing e-mail while at home, again you should either delete it or forward it to the Federal Trade Commission (FTC) at email@example.com so they can add it to their database.
Here are some tips to avoid becoming a victim to a phishing attack:
At home, use trusted security software and set it to update automatically.
Read more here.