simple phishing protection
Simple and reliable phishing protection is available to everyone, no knowledge of computer security needed. I'm surprised such a simple method is so underutilised. Instead security specialists try to teach people about certificates, URLs, highlighting of domains in the address bar etc. Computers are much better at this task so let them do the job.
The method is very simple: after you register on a website let your browser save the password. This was the last time you needed to enter it. In the next visits let the browser auto-fill the credentials - it can tell the real website from a phishing one way quicker/better than you. So when you are on a website but the password is not prefilled, think twice, it is very suspicious. Just leave it or if you really need to visit it, close this page and enter the address yourself or find the official website using search (BTW DuckDuckGo has a convenient feature of highlighting such sites).