The Netcraft toolbar is my favorite. It shows you who the site is registered to, and provides a "risk rating" that can help you quickly decide whether you want to enter your password. A close second comes from TrustWatch, which makes a toolbar for Internet Explorer that validates legitimate Web sites and, like Netcraft, can provide a detailed site report. TrustWatch's reports let you know whether the site is included on any blacklists of suspect sites and whether it uses SSL technology for secure transfers. TrustWatch also makes an extension for Firefox that embeds site-report links in Google search-result pages.

Other good options abound. The EarthLink Toolbar with ScamBlocker alerts you with a pop-up message when you visit a site that has hosted phishing attacks. (You don't need to be an EarthLink subscriber to use the tool.) Corestreet's SpoofStick helps clue you in to a phishing site by putting the domain name of the site that you're visiting in huge, bold letters in IE's toolbar. Cloudmark's IE Toolbar automatically blocks sites known to host phishing scams. And eBay offers a toolbar equipped with an Account Guard feature that warns you if you're about to enter your eBay or PayPal password in a fake Web site's log-in page.

The phishing study cited above, however, found that a quarter of participants didn't look at phishing clues already present in browsers, like the padlock icon and address bar. These days it doesn't pay to be asleep at the wheel as you cruise the Net.