online booking beware of PHISHING

Online booking is one thing i do it often these days. my visa , GRE dates, i pay my telephone bills through online ... and lot more . Recently i booked online tickets for kalyana utsavam and the thing is .... i had to book 8 tickets and the site did not tell the availability in number's so when i was about to book the 6th the availability vanished. so i lost some 2000 bucks :( anyway still had a good dharshan. sometime when my friends tell me about this phishing and hacking, it scares me a lot. so i decided to know how to hack!! at least to protect myself from other hackers. how do hackers generally hack? they can get ur email passwords then they shall change the other important passwords such as pay pal or credit accounts etc adn they can do what ever.
i did a lot of ground work as how generally thz email hacking is done. mostly they get the passwords from your own mouth. u r getting cheated !!! some sites says that if u give ur friend's email they shall give u their password.... DO NOT BELIEVE IT. it s a prank site alas u will end up in loosing ur password to someone.
phishing is a way where hacker creates a look alike page of some famous login page like yahoo login or google login. By mistake if u did not notice the prank page u will give ur password to the hacker. so u need to find a way to identify the originality of the site and also to check if u are not in prank site ... here z the way.

Check Security Signs while doing any money transaction

• You must always look for “https” on any site you use to enter sensitive information. This includes login pages, online shopping sites and bank web sites. Mind you there is one extra “s” in bold which tells actually that server is secure. e.g https://login.yahoo.com/config/login_verify2 for yahoo login.
• Notice the closed padlock on the lower right corner of the browser window.If you click on it, it will open a window that gives you more details regarding the certificate. Every company that asks you for sensitive information must have a digital certificate, preferably one from an established certificate authority.

Misspelled and fake URL

• Misspelled domains are big deceivers. Phishers will purchase a domain name that resembles the real domain. They will replace letters with numbers or with other letters. Pay close attention to the spelling of a domain names, and learn to spot a fake like www.yohoo.com or http://www.paypol.com/.
• Variations of domains should also be a red flag. Don’t click on any email that contains URLs like http://center.yahoo-security.net. A legitimate URL should read http://center.yahoo.com if it actually belongs to Yahoo! Anyone could’ve purchased www.yahoo-security.net for a scam (I’m just using Yahoo! as an example here).
• An IP address looks something like 102.199.60.250. Bottom line, never trust emails that point you to URLs that only show an IP address.