Some computer users (and even some IT professionals) have been confused about the defition of a "phishing" attack. What exactly is a phishing attack? A phishing attack is when you receive an official-looking e-mail from an online banking or financial institution it could even be eBay or PayPal, or any other service that deals with money. The e-mail states that you should click a link and confirm your login and password to this particular institution (or enter your account number or credit card number).
Here is the link to my article on Techrepublic that list 12 steps that can help significantly reduce the risk of phishing scams, along with examples of both e-mail and Web browser phishing attacks.
You can also download the article as well.