To avoid getting lured into a phishing scam:
Treat unsolicited e-mail requests for financial information or other personal data with suspicion. Unsolicited means the e-mail wasn't initiated in response to an action by the consumer. Do not reply to the unsolicited e-mail or respond by clicking on a link within the unsolicited e-mail message.
Contact the actual business that supposedly sent the e-mail to verify if it is genuine. Visit a secure Web site or call a phone number that you know to be legitimate.
Only enter personal information on a secure Web site that you know to be legitimate. Visa or any other card issuer would never ask you to send Social Security numbers, account numbers, passwords, or PINs within an e-mail message. When entering personal data at a Web site, look for a locked padlock in the browser or https at the beginning of the Web site address to make sure the site is secure.
Update anti-virus software and security patches to system software regularly. Phishing emails can contain viruses that may harm your computer if opened.
Be cautious. Check your monthly statements to verify all transactions. Notify your bank immediately of any erroneous or suspicious transactions.
In Canada, forward any suspicious e-mails to Project Phonebusters at firstname.lastname@example.org. In U.S.A., forward any suspicious e-mails to the Federal Trade Commission at email@example.com or file a complaint with the FTC at www.ftc.gov. You can also forward unsolicited e-mails claiming to be from Visa or your Visa card issuer to firstname.lastname@example.org.