As mentioned before, read the link carefully. Sometimes they will try to use links that end in ".php". Also, as mentioned before as well, look to see if they have a link that contains misspellings compared to your bank's home-site. And lastly, look for misspellings in the email as well and check to see if they have any attachments. If they do have an attachment, DO NOT OPEN IT! But often a good indicator is looking at the email-address that they sent it from. Often it'll be misspelled or random numbers/letters.
This is generalized self-security for emails.