How to avoid phishing is a major headache for all Internet and email users. There is website phishing where you think you are going to one site but the link takes you to a spoof site that is guaranteed to be up to no good as far as you are concerned. There is also email phishing which can pop into your inbox any time of any day and may catch you totally unawares on a busy day.
Here is an excellent link about how to identify and avoid email spoofed phishing attacks: https://www.cmu.edu/iso/news/2020/email-spoofing.html
“Email spoofing is a form of impersonation where a scammer creates an email message with a forged sender address in hopes of deceiving the recipient into thinking the email originated from someone other than the actual source. Scammers will use email spoofing to help disguise themselves as a supervisor, professor, or financial organization to trick users into performing some type of action. Scammers use this method of deception because they know a person is more likely to engage with the content of the email if they are familiar with who sent the message.” (Carnegie Mellon University)
The above site has really useful strategies for recognising these emails, it is worth everyone reading and noting!
There is a lot more about phishing in a more general way on this TechTarget site. “Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other forms of communication. Attackers will commonly use phishing emails to distribute malicious links or attachments that can perform a variety of functions. Some will extract login credentials or account information from victims.” (TechTarget)
Phone scams are another very serious issue to keep watch for, Which does a comprehensive cover of understanding scams. It also offers a reporting form for different sorts of scams to help protect other people.