Back in the previous century, I, a young lad at the time, opened a Yahoo! mail account. Over the years this account moved from being my main e-mail account to my "throwaway" account for putting in online forms. As a result, this account (now going on 9 years old!) gets literally thousands of spams a day. To Yahoo's credit, 99% of the chaff is successfully separated from the wheat and gets sent to the bulk mail folder.
Today I received, as I do quite often, a "question from a buyer" e-mail purporting to be from ebay.
I haven't used ebay in at least 2 months, nor sold anything in almost a year. So I knew it to be faked.
Curious as to the current state of the phishing art, however, I spared the message from the bin and opened it. A well done job making it look official, it even had an "@ebay.com" return address.
My respect (if that is the right word) for the phisherman was quite high. Not only had they been able to fool Yahoo's filters, a feat onto itself, but had done a superb job of forgery.
Until I clicked on the link.
I'm not sure if it's my mail client or Firefox (I think its Firefox) but the 287 character URL made Firefox unhappy and didn't work. So I plugged it into IE (using the IE Tab Extension for FF) and this is what I got:
Long story short, it's probably not a good idea to remind the people you're trying to scam on how to detect that they're being scammed. but that's just my opinion...