PHISH: Fraudulent emails that use stolen company graphics, and sometimes language, from legitimate companies in an attempt to lure you into logging on to a fake site, also using stolen graphics and coding, to steal your credentials. Emails usually do not greet you by name or refer to your account. They use a threat of account closure or an offer of free gifts for completing the requested task. Or they try to tell you that your account may have been violated.
Continuing with our training, lets review an "urgent" email from "Chase"……
Heavens to Murgatroyd!
That URL does not look like "https://chaseonline,chase.com……"!!! 
Lets compare this with a REAL email from Chase:
Notice, the email greets me by name and refers to my account.
Now, lets compare the backend; the source code behind the email….
This one clearly does not come from Chase. It is trivially easy to change your "From" address in Outlook and most browser based email applications. If you look at the "X-Mailer" line 5 lines down from the green box below you will see this was from an Outlook application.
Referring to the "Received" headers you see the route the message took to get to you. If there is more than one "Received" entry the truth is usually revealed in the bottom few "Received" entries.
This header is from the real Chase email. Notice that all the "Received" entries refer to "bankone.com" (Chase owns Bank One and www.bankone.com takes you to Chase’s web site)
Yours in pessimism 
Entries (RSS)