Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
The term "phishing" is, obviously, derived from "fishing", to reflect how email messages are sent as bait in the hope that someone will bite and get caught.
The "ph" part is a common hackerism: replacing f's with ph's. See the Jargon File for more information
Because of the way that web-browsers work, the actual text that appears as a clickable link is not actually related to where the link goes. This lets the phisher create links like this one that can have any text in them. Unfortunately this also means that they can create links like this one; "http://www.paypal.com". This link appears to go to the PayPal site, but it actually goes to our help page.
What phishers do is to create a web-site that looks authentic. Then they send out a lot of email that pretends to be from the real site. By using forged links, phishers misdirect you to their own site to try to steal your personal information.
Like most spammers, phishers have either built up lists by scanning web-sites and mailing lists, etc. or they just try a lot of random email addresses and hope to get lucky.
Yes. Just go to the Options screen, go to the Account Preferences screen and then uncheck the Phishing Protection checkbox.