Phishing emails fall into two broad categories: those which offer something that sounds too good to be true or those which urge you to update security information threatening account closure or suspension if you don't comply with them.
Both types direct you to fraudulent sites with the specific intention of getting you to supply personal information which they then use for illegal purposes. This can be done by either accessing your accounts directly or pretending to be you in order to steal goods and services (which you are then liable for!).
Phishing attacks are not restricted to email, they can also be sent by instant message and text but they will still direct you enter your information (password, bank details, date of birth, security information, etc.) at a fake website which may look and feel entirely genuine.