With companies such as GMail now taking action to try and block phishing messages:

Phishers are having to try harder to get their messages through the protection systems about, and I've seen a message trying this in a way I've not seen before:

Now it's entirely possible that lots of people will read that and think it makes sense and open the attachment. But wait a second, isn't this a bit suspicous? An unsolicited email, claiming to be from my bank, that doesn't address me by name asking me to log in using a link they've provided. And asking me to open an attachment. And wait a second, on this page (http://www.hsbc.co.uk/1/2/security/phishin...g_3nP:12ntf16af) HSBC themselves tell me not to open unsolicited attachements. Very phisy.

Being quite concerned, and not wanting anything nasty on my computer, I fired up Google Docs to take a look at it, while reducing the risk of it harming my computer. Here's what I saw:

A fairly official looking document that had managed to pass GMail's phishing filter and presented me with an official looking URL. But wait a second, where does that link lead?

Oh dear... not the HSBC website.

So, how to protect yourself? Always beware emails claiming to be from your bank, it they're real they'll adress you by name (or postcode or some other information the phishers shouldn't know), they'll never ask you for (or to verify) any security details and NEVER click on the links in the emails - type your banks website in the adress bar yourself.
If you recieve an email you suspect to be phishing there's a few things you can do:
Report it to the email provider (e.g. for GMail, Hotmail:)

Report it to the bank (they should have an report phishing email address, found on their website e.g phishing[at]hsbc[dot]com)
report it in your web browser (e.g. for FF and IE:)

And if you entered any personal information contact your bank by telephone or branch IMMEDIATLY.
For more information please visit: http://www.getsafeonline.org/ and http://banksafeonline.org.uk/