It's doubtful that there is anyone out there today who hasn't heard of phishing, or the practice of obtaining nonpublic confidential information from a person using devious means to do so, such as impersonating a well known company.
Phishing scams are usually very elegantly prepared so that the average person has no idea they've been phished until it is too late.
NOTICE: There is absolutely no information here about "phishing" or "how to phish" or anything like that. Such an activity is illegal, immoral and very likely to get you in trouble. If you came here seeking such information, go away now.
The main thing to keep in mind is that you should always be extremely skeptical of unsolicited e-mails you receive claming that some kind of "personal information" is required or some kind of bad thing will happen to your account, service or anything else. Analyze any such mail very carefully. Check all hyperlinks, look at the headers of the message, and double-check with the company that's purported as having sent the message to be sure if it is genuine. It is a very rare occurence for e-mails requesting confidential personal information to be sent out by reputable businesses or people. Just so there is no possible way of misconstruing that, let me say that it should never happen that way.
That said, here's an example. This really does sound "genuine", but the hyperlink (removed) was totally bogus and the fact that I don't have a PayPal account with this e-mail address was another really big hint.
Dear PayPal user,
Your account has been flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your paypal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your information, please click here.
Thank you for using PayPal!
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
Copyright© 2004 PayPal Inc. All rights reserved. Designated trademarks and brands are the property of their
(no, I have no idea why the message is incomplete, but given that it was "distilled" directly from the original, that should be another big warning sign.)