Today I got an email from a party claiming to be my bank, and asking me to click on and open an attachment with an important message.

I routinely delete things like this because 99.9% of the time this is a scam, known as phishing. When you click on an attachment or a link you expose yourself and your private information to a scammer; or you might enter your social security number on a fake website that looks just like your credit card company’s. It’s better to be safe than sorry.

I called my bank – and was surprised to hear that it was in fact legitimate. I told them that this is not a good idea at all. Most web professionals and all IT people that I know tell you to automatically put this kind of mail in the junk folder. It’s not safe, and it just isn’t worth the risk.

I really like my bank but this is a move that was not at all well considered.