
But I guess that you are in the small, small minority of false positives.



Most people won't think twice about the link in the email. They'll usually stop at the login screen because it doesn't look right, has a wrong URL, etc. Having done a lot of work in this area I can tell you that I'm definitely not in the minority.

Clicking the link from a secure VM sure puts me in the minority, but just clicking the link? Lots of people do that and then get suspicious.

That's why you need two steps to truly know how bad it is.


I'd received an email on my corporate email address from some courier service claiming that they weren't able to deliver a package to me. The email also contained a link which upon clicking took me to a page which displayed the message "congratulations! You've fallen prey to a phishing attack".

Later we realized that this was a test conducted by the firm (a large investment bank) that I work for!


The courier service vector is an effective way to trick people.

You can ring an intercom in any big apartment block and ask for the door to be opened to deliver whatever; most of the time you'll find a resident to open it. No reason for it to not work in emails :)


That one is a classic, although the text is incorrect as you didn't fall prey to the attack by simply clicking the link (if your work computer is vulnerable that is IT's problem, if it is a zero-day then nobody is safe).


Agreed. I guess this way it's easier to train people to avoid clicking on links they don't recognize.


Isn't hovering over the link and just seeing where it goes enough to detect a phishing attempt? You really need to open the page?


Not related to mail phishing, as JavaScript is filtered (disabled) for emails, but more with browsers ...

I'm a nitpicker, but that's one of the reasons why I dislike the Safari browser. You need the status bar enabled in order to see the link's destination URL, and I don't like the 7 pixels of height taken by this bar.

But as I am browsing with JavaScript enabled, I can't be sure that the URL shown by the link is the destination I'll be sent to. That's something quite hard to explain to non-technical people (like my parents). I'm not even trying, to be honest. I'm not sure what to think about this behavior, and generally with link shorteners, it's an easy way to phish people in forums, comments, ...

And the shortened link still works for emails.



