Phishing usually begins with a SPAM e-mail. Friendly, the receiver is asked, for example to visit a Bank’s website in order to verify its data. The link to the website includes of course the Bank`s name. Sometimes you can identify a fraudly website by bad spelling and grammar on the websit itself. But there are also deceptively replica websites that are barely distinguishable from the respective real websites, even on a closer inspection.
It`s very suspicious when you not even a customer of that mentioned company. No serious acting company would ever ask its customers by e-mail to disclose user passwords or any other sensitive information for verification. Such a request should make you suspicious. You should not call this offspring, but ask your Account Manager if this request is a real demand from your Bank/Company?!
Test yourself if you are able to identify fraudently websites: