While the majority of phishing email messages are poorly formatted and written in broken English, there is no shortage of believable schemes that purportedly come from credit card companies, insurance companies or even the human resources departments. Just one mistake from a distracted employee could place the local network or company in jeopardy.
To defend against phishing emails, you need to understand that they are typically designed to persuade you to click on a link or submit personal information. As such, be wary of divulging any information based on an email, and never click on a URL. Always type out the URL in the browser bar instead.