I have done a substantial amount of research and checking on received phishing emails. I thought I would pass on some of the things I've found and some of the steps you can take to help stop it.
First, pay attention to the comments made elsewhere in this post. Your financial institutions, on-line services AKA ebay), etc., and all do not ask for you to "confirm" your information via an email and link.
There's a pretty fast way to check it's authenticity if you are an Outlook or Outlook Express email user. When you place your cursor over the link which is supposedly to take you to the site of the institution for the verification, even though the link may actually say www.suntrust.com, etc., an actual link comes up at the bottom of the email program frame. In a phishing email, that link will usually bear no resemblance to the link in the email. Even if the link is the same as in the email, if it looks different than the real institution, i.e., real address is www.suntrust.com but the email address reads www.internet.suntrust.com is a whole different URL and is a scam location.
You can aid the affected institutions by forwarding the email to abuse@"institution".com where institution is the identified company such as suntrust, ebay, USBank, etc. In the forwarded email you should include the email header information which you can copy and paste from the properties menu entry under "Files" in your menu bar.
I'll be happy to answer any other questions including how to locate the actual servers responsible for these and other information. Remember never follow one of these links, forward the email and header info to the company's abuse group and then delete. Never give your credit card, Social Security # or financial information to anyone you yourself did not initiate.