From reading your post, I'm not sure whether you were the one conned by the phishing or someone else because I've NEVER heard of a bank demanding clients to go online (no doubt, to the link provided in an e-mail) to reset their passwords (no doubt, by providing their old password in order to change).
What do banks actually do? Tell their customers that they will NEVER e-mail asking them to login to change their password details, they will NEVER phone for username and password details, that they must ALWAYS use their bookmarked link to the bank's website to login, i.e., NEVER click a link in an e-mail. A bank can do no more than that and still provide a service.
There is a thread
In case you missed the PC World article (Browser Fingerprints: A Big Privacy Threat
) and the Electronic Frontier Foundation's article (How Online Tracking Companies Know Most of What You Do Online (and What Social Networks Are Doing to Help Them)) and the EFF has a page to show what your browser is sending
(33 points identify an individual).