People stil falling for the fake email.
As always, one way to avoid phishing attacks (along with running antivirus and spam filters) is to avoid following links from any unsolicited or suspicious emails that purport to be from your bank.
I'm still surprised at how many folks have to open, read, and then click on the links in emails. Even hovering over a link and seeing where it goes is better than blindly clicking on it. I've got one acquaintance who opens and reads every email (including obvious spam) evens hits the links just because "it might be important". He hasn't learned even after multiple virus infections. I suppose many folks read every piece of mail in their snail mail also. What can they possibly be thinking?