Here is a good article from Binance on phishing:
https://www.binance.vision/security/what-is-phishingSome of the recommendations that they made to guard against phishing:
1) Be wary: your best defense to protect against phishing is to think critically about the emails you receive. Were you expecting to receive an email from someone about the subject in question? Do you suspect that the information that person is digging for is none of their true business? If there's a doubt, do your best to contact the sender through a different means.
2) Check the content: you may type part of the content (or the sender’s email address) on a search engine in order to check if is there any record of phishing attacks that used that specific method.
3) Try other means: If you think you receive a legitimate request to confirm your account credentials for a business that is familiar to you, try to do so through different means instead of clicking the link within the email.
4) Check the URL: hover over the link, without clicking it, to check if it starts with HTTPS and not just HTTP. Note, however, that this alone is not a guarantee that the site is legitimate. Check URLs closely for misspellings, unusual characters, and other irregularities.
5) Do not share your private keys: never give out the private key to your Bitcoin wallet, and be vigilant in determining if the product and seller you are about to give any cryptocurrency to is legitimate. The difference in dealing with crypto as opposed to a credit card is that there is no central authority to dispute a charge if you never received the good or service that was agreed upon. This is why one must be especially careful when dealing with cryptocurrency transactions.
