The BBC recently ran a series on online security and one of the articles covered identifying a phishing email. Although automated systems are getting better at weeding these kinds of things out and warning us of potential problems, we are still the best thing to identify when someone is trying to swindle us.
The two best pieces of advice in the article are:
There are more subtle signs that a message is a phish rather than legitimate.
For instance, look to see if the web link in the body of the message matches those in the status bar of the e-mail.
If these differ you have probably caught a phish.
If you are suspicious do not click on the links in the e-mail body. Instead type the address out manually.
Many phishing gangs exploit the readiness of the human eye to see what it wants to see rather than what is actually there.
For instance, in this old Paypal phish the scammers have registered a site that, to a quick glance, looks very like the name of the payment company.
Most phish fall down on one or more of these criteria. If you are suspicious contact your bank directly.