These types of attacks are called “social engineering,” and they are used by criminals to steal your money and identity, and to plant on your computer malicious software that can be used to keep ripping you off. Social engineering is the online equivalent of an old-fashioned con game, in which a crook frightens people with false warnings, or tempts them with false promises, and then robs them.

While viruses and spyware overwhelmingly afflict Microsoft’s (MSFT) Windows users and spare users of Apple’s (AAPL) Macintosh computers, social-engineering schemes can ensnare Mac users as well. There’s nothing inherent in Macs that makes their owners more resistant to falling for social-engineering scams.

The most common form of social engineering is called phishing, a one-two punch using both email and Web browsing to trick people into typing confidential information into Web sites that look like the sites of real companies, especially financial institutions. But these phishing sites are actually skillfully designed fakes that transmit your sensitive data to criminals, often in distant countries. Once these creeps have your passwords and account numbers, they can loot your funds and steal your identity.

Here are some tips to help you avoid being the victim of social engineering, updated from a similar column I wrote in 2006. It includes information on some antiphishing software that wasn’t available back then. But remember: Security software alone can’t save you from scams.

1. Never, ever click on a link embedded in an email that appears to come from a financial institution, even if it’s your own bank or brokerage and even if it looks official right down to the logo. The same goes for payment or auction services, like PayPal or eBay (EBAY). Don’t do this even if the email asserts that your account has a problem, or that the bank has to verify your information. And certainly don’t enter any passwords, Social Security numbers or account numbers directly in an email.

These types of emails are almost always fakes, and the links they contain almost always lead to phony Web sites run by criminals. The only exception might be a confirmation email from a brokerage firm concerning a trade you know you made minutes before. Even legitimate-looking addresses in emails or in the address bar of Web browsers can be fakes that hide the crooks’ true Web addresses. The lock icon on a Web site can also be falsified.

If you are truly worried about your account, call the bank or company, or go to its Web site by manually typing in its address or by using a well-established bookmark in your browser that you created yourself.

2. Don’t click on links to offers for free software or goods that you receive in an email, especially from a sender or company you’ve never heard of.

3. Never download software from unfamiliar Web sites unless you are absolutely sure you need it and it’s legitimate. Even if it claims to be a useful program, it may very well be a malicious application like a “key logger,” which can report back to crooks everything you type into your computer. If you really want the program, do a Web search on it first, to see if others have reported it as a malicious fake.

4. If a Web site tells you that you need to download special viewing software to see its videos, don’t do it. Even if it claims to be giving you legitimate viewing software, like Microsoft’s Silverlight, Adobe’s (ADBE) Flash or Apple’s QuickTime, don’t download it there. Go to the official Microsoft, Adobe or Apple Web sites to get these viewers.

5. Use a Web browser, like Internet Explorer 7 on Windows, or Firefox 2.0 on Windows or Mac, that includes built-in features to warn you about, or block access to, known phishing sites. The next versions of these two browsers will have even stronger features that will detect sites that are not only fake, but which are known to distribute malicious software.

Unfortunately, the third major browser, Apple’s otherwise excellent Safari for Mac and Windows, lacks any such antiphishing detection, though I expect Apple to add the feature in a future version. So, for now, Mac users worried about phishing should rely on Firefox.

6. Consider security software that tries to detect and block phishing sites. McAfee’s (MFE) free Site Advisor and paid Site Advisor Plus products do a good job. Symantec (SYMC) has similar features built into its large security suites, Norton 360 2.0 and Norton Internet Security 2008.

7. Educate yourself by reading about social engineering and phishing and how to avoid being a victim. Microsoft has a very good guide at: microsoft.com/protect/yourself/phishing/identify.mspx and Symantec has one at: symantec.com/norton/clubsymantec/library/article.jsp?aid=cs_phishing.

Follow these tips and you’ll be a happier — and safer — surfer.

Find all of Walt Mossberg’s columns and videos online, free, at the new All Things Digital Web site, http://walt.allthingsd.com.

• Email him at mossberg@wsj.com.

But IE hasn’t had a significant overhaul in five long years. That has allowed competitors like Mozilla’s Firefox and Apple’s Safari to leap ahead in terms of features. In fact, many of the savviest Web users have abandoned IE in recent years, partly because of the growing feature gap and partly because of IE’s persistent security problems.

Now, finally, the software giant has produced a major new version of the browser, called IE 7. It’s a fundamental rewrite, especially in the areas of user interface and underlying security.

But competitors haven’t been standing still. Mozilla is almost done with its Firefox 2.0, a more minor update of its browser than Microsoft’s undertaking.

I have been testing IE 7, and I agree with Microsoft that it’s much improved. If you are a confirmed IE user, upgrading to this new version makes perfect sense, because it is likely to be more secure and its new features make Web browsing better. But if you are already using Firefox, IE’s main competitor, I see nothing in IE 7 that should make you switch. It’s mostly a catch-up release, adding to IE some features long present in Firefox and other browsers. The one big feature in IE 7 that wasn’t already in Firefox, a built-in detector that warns against fraudulent Web sites, is being added to Firefox in version 2.0.

The new Internet Explorer, which is free, runs only on the latest revision of Windows XP and the forthcoming Windows Vista operating system, while Firefox offers nearly identical versions for Windows, Macintosh and Linux computers. IE 7 will be offered automatically to Windows XP users — gradually over the next few months — via the Windows update program. Microsoft will also make it available for manual download.

The biggest change in the new IE is tabbed browsing, the ability to open multiple Web pages in a single window, and to switch among them by clicking on tabs at the top of each page. This allows you to quickly scan a whole bunch of Web sites at once. It’s especially useful if you group bookmarks (which Microsoft calls Favorites) into a folder, and then open all the pages in the folder at the same time.

In my view, tabbed browsing is the best improvement to Web browsers in years, and it has long been built into Firefox, Safari and other browsers. Microsoft’s implementation is OK, but is curiously inconsistent. You can open all of the sites in any folder in your Favorites list in tabs, with a single click. But this works only if you are viewing your Favorites in a side panel at the left of the screen. If you have a folder of Favorites in the Links toolbar at the top of the screen, as many power users do, there’s no way to open all of the pages it contains with one click, as you can do in Firefox.

The other big change in IE 7 is that there is now a search box built into the user interface itself, which allows you to perform searches without first navigating to the home page of the search service. You can choose which search engines this feature uses. Again, this feature is old news for Firefox and Safari users, but it should eliminate the need for add-on toolbars, like those offered by Google and Yahoo.

The overall interface of IE has also been cleaned up and simplified. The menus are now hidden, and the little animated flag in the upper right-hand corner is gone. You can make the menus appear if you like, and you will need to do so to get to some features, such as the screen that lets you organize your Favorites.

The only really notable new interface feature in IE 7 is something called Quick Tabs, which lets you view, on one page, thumbnails of all the pages you have open in tabs. You can quickly switch among them, or close any of them, from this view. It’s very nice, but reminiscent of an Apple feature called Exposé.

On the security and privacy front, Microsoft says it has made many changes under the hood to harden IE against hackers and the authors of malicious software. The browser now warns you when you are at a Web site that may be a fake (called a phishing site) and moves you off that page unless you insist on going back to it. There is also a much easier way to clear out all traces of your Web activity, another catch-up feature.

But the most important new security feature in IE 7 — something called Protected Mode, which stops Web sites from changing your computer’s important files or settings — will work only in the new Vista version of Windows, due next year, not in Windows XP.

Ironically, the improved security in the new version may erode IE’s greatest strength: its broad compatibility with Web sites. Some sites may not work properly in IE 7 because techniques they used are blocked by the new security features.

In addition to matching IE 7’s antiphishing warning feature, Firefox 2.0 will feature a spell checker, a system for suggesting popular search terms, and a way to resume where you left off after a crash, among other things.

The new Internet Explorer is a solid upgrade, but it’s disappointing that after five years, the best Microsoft could do was to mostly catch up to smaller competitors.

Email me at mossberg@wsj.com.