Identifying a Phishing Message
http://www.itbusinessedge.com/slideshows/show.aspx?c=94496&slide=1
Good advice here. If all of these are present in an email you receive, be very suspicious. Italics below are mine... Thomas
Does the email contain information obtainable from social web sites (Facebook, Twitter, etc.)?
The dizzying amount of information being loaded into social networking sites makes it trivial for an attacker to use them as a source of information to craft a spear phishing message or to gain a victim's trust. With this in mind, private information should always be regarded as belonging to the public domain once it can be found on social networking sites such as Facebook or Twitter. Indeed, a woman in Singapore was arrested recently for allegedly cheating victims of thousands of dollars by masquerading as their cousin. All her information — including the contact numbers and names of their real-life cousins — was apparently obtained from Facebook accounts.
Is there a web link in the email?
One predominant objective of hackers entails the loading of malware or Trojans onto their target's PC. Given that executable files are typically blocked in email attachments these days, black hats have evolved their techniques to either trick their victims into downloading the malware over the Internet, or directing them to visit a specially crafted website loaded with a browser exploit. To protect yourself from such scenarios, you should almost never click on a URL link unless it is from a reputable site, and even so you should usually type in the URL manually.
Or get it from your Favorites/Bookmarks if you have it there.
Does the email reference a recent event?
Major news events such as large-scale catastrophes or the death of celebrities are quickly followed by a wave of phishing messages touting the same news events in their subject lines or email body. No doubt, phishers are hoping that confused or overeager users will let their guard down and click on their proffered URL links in their haste for more information. Hence, be on your guard when you see an email that refers to a current news event.
Also note, who is the email from?
Does the email have a tone/language a known friend/colleague would use?
It is trivial for hackers to collect the email addresses and names of colleagues and friends. Larger companies typically publish their staff information on the Internet, while simple social engineering methods could be used to glean details such as the name of one's immediate supervisor or colleagues. The guideline here is to filter such messages based on what we know of the purported senders and how they typically write. Getting a curt "Check out this link" email from a normally verbose colleague or a "Nice babes" from a female boss should set alarm bells ringing.
Phishers hijack contacts from online web sites (Yahoo, for example, which has been happening quite a bit lately), then act like the owner of the contacts, your friend or associate.
Is the email pushing for an immediate response?
Phishers want their victims to respond immediately, or soon after reading their phishing message. This prevents them from checking with more knowledgeable colleagues, or from otherwise wising up to the trickery. It is for this reason that a message demanding an immediate response deserves a far greater dose of skepticism, and should hence be scrutinized more carefully.
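As an added example (my own code, not from the original post or the ITBusinessEdge slideshow), here is the checklist above turned into a small Python triage script. It parses a raw message with the standard library, then scores it for the signals the slides describe: a known contact's display name on an unfamiliar address ("who is the email from?"), links in the body (with extra weight for a bare IP address), urgency wording, a news hook in the subject, and the curt "Check out this link" tone from a normally chatty contact. The address book, keyword lists, threshold and the three sample messages are all constructed assumptions for illustration, not data from the post.

```python
"""Heuristic phishing triage for a raw RFC 822 message.

Added example, not part of the original post or the slideshow it quotes.
The address book, keyword patterns, weights and sample messages below are
constructed assumptions for illustration only.
"""
import email
import re
from email import policy
from email.utils import parseaddr

# Illustrative keyword patterns (assumptions, not an exhaustive list).
URGENCY_RE = re.compile(
    r"\b(immediately|urgent|right away|act now|within 24 hours|"
    r"account will be (?:suspended|closed|locked))\b", re.IGNORECASE)
NEWS_HOOK_RE = re.compile(
    r"\b(breaking news|earthquake|tsunami|hurricane|passed away|died|death of)\b",
    re.IGNORECASE)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
IP_HOST_RE = re.compile(r"^https?://\d{1,3}(?:\.\d{1,3}){3}", re.IGNORECASE)

# Constructed address book: address -> display name we expect for that person.
KNOWN_SENDERS = {
    "alice.chen@example.com": "Alice Chen",
    "payroll@example.com": "Payroll",
}


def extract_body(msg):
    """Return the text of the best body part, stripping tags from HTML."""
    part = msg.get_body(preferencelist=("plain", "html"))
    if part is None:
        return ""
    text = part.get_content()
    if part.get_content_type() == "text/html":
        text = re.sub(r"<[^>]+>", " ", text)
    return text


def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def score_message(raw, known_senders=KNOWN_SENDERS):
    """Score a raw message; returns (score, list of human-readable reasons)."""
    msg = email.message_from_string(raw, policy=policy.default)
    reasons, score = [], 0

    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    subject = msg.get("Subject", "") or ""
    body = extract_body(msg)
    urls = URL_RE.findall(body)

    # "Who is the email from?": a known contact's name on a different address
    # is the classic hijacked-contact pattern; an unknown sender is a weaker hint.
    known_names = {n.lower(): a for a, n in known_senders.items()}
    if name and name.lower() in known_names and known_names[name.lower()] != addr:
        score += 3
        reasons.append(f"display name '{name}' belongs to "
                       f"{known_names[name.lower()]}, not {addr}")
    elif addr not in known_senders:
        score += 1
        reasons.append(f"sender {addr} not in address book")

    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != domain_of(addr):
        score += 1
        reasons.append("Reply-To domain differs from From domain")

    # "Is there a web link in the email?"
    if urls:
        score += 1
        reasons.append(f"{len(urls)} link(s) in body")
        if any(IP_HOST_RE.match(u) for u in urls):
            score += 2
            reasons.append("link points at a bare IP address")

    # "Is the email pushing for an immediate response?"
    if URGENCY_RE.search(subject) or URGENCY_RE.search(body):
        score += 2
        reasons.append("pushes for an immediate response")

    # "Does the email reference a recent event?"
    if NEWS_HOOK_RE.search(subject):
        score += 1
        reasons.append("subject rides a news event")

    # Tone check: a known contact sending almost nothing but a link.
    prose = URL_RE.sub("", body).strip()
    if addr in known_senders and urls and len(prose) < 40:
        score += 2
        reasons.append("curt link-only message from a known contact")

    return score, reasons


def verdict(score, threshold=3):
    return "suspicious" if score >= threshold else "probably fine"


# Constructed sample messages (not real mail).
PHISH = """\
From: Alice Chen <alice.chen@mail-example.net>
To: bob@example.com
Subject: Breaking news - check this immediately
Content-Type: text/plain; charset="utf-8"

Check out this link http://203.0.113.5/news.php
"""

CURT = """\
From: Alice Chen <alice.chen@example.com>
To: bob@example.com
Subject: fyi
Content-Type: text/plain; charset="utf-8"

Check out this link https://files.example.net/doc
"""

BENIGN = """\
From: Alice Chen <alice.chen@example.com>
To: bob@example.com
Subject: Q3 planning notes
Content-Type: text/plain; charset="utf-8"

Hi Bob, attaching my notes from yesterday's planning session. Let me know
if I missed anything before Friday's meeting. Thanks, Alice
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("curt", CURT), ("benign", BENIGN)):
        s, why = score_message(raw)
        print(f"{label}: score={s} -> {verdict(s)}; " + "; ".join(why))
```

The weights are deliberately crude: this is a triage aid for a mail gateway or a help-desk macro, not a classifier. The point of the structure is that the strongest single signal is the one the post stresses in its italic notes, a familiar name arriving from an unfamiliar address, and that a terse link-only note from someone who normally writes paragraphs should trip the threshold on its own.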