Below are several simple methods to avoid common types of phishing attacks:
Check that site uses SSL
Do not enter personal information to the website unless it uses an encrypted connection. To check if website uses encrypted connection you need to look at your browser address bar and verify that lock icon is displayed next to a website name. Also website URL should start with “https://” instead of “http://”
Make sure that links that you click are pointing to a place where you want to go. Hover over a link to make sure it is pointing to a website that you want to go to. Be suspicious of any e-mail which requires you to click something. It is always better to enter URL directly instead of clicking on it. There are certain cases where clicking on a link from e-mail is a valid scenario but typically these e-mails are generated only when you perform some action on a website which generated an e-mail (for example activation e-mail is sent when you register to a website). So you should always be in control on what e-mails are coming to your inbox and what you click on.
Avoid pop-up windows
None of pop-up windows will lead you to something good. If you see a pop-up window close it using small X button in the right top corner (for the Windows OS) and red x button in the left top corner (for the OS X).
Update your browser and Antivirus
Make sure that your browser and antivirus is up to date. New types of attacks appear every day and having latest software will help you to avoid attacks which were just fixed by browser and antivirus developers.
Check your online accounts
Make a habit of checking your online accounts regularly. This will help you to have hackers red-handed and react to attacks before they even started.