I just got a phish that was definitely a step up from the usual. It was in the form of a "Question from ebay member", which I occasionally get as a legitimate email from ebay. I wasn't actually fooled, since there were several subtle 'giveaways', but it is sobering to think that if I had not been paying attention, I might have clicked on the yellow button.
So far, it is possible to avoid getting scammed by these lowlife wastes of natural resources (oxygen, water, food, etc.) by following one rule:
NEVER EVER click on a link in an email that claims to be from Paypal or Ebay. Always log in to your account using your own bookmark, or typing in the url, no exceptions. The real messages will always be in your message list under "My Ebay".
It is recommended that you routinely forward all phish to
spoof@ebay.com or
spoof@paypal.com (depending on which the phish claims to be). I have seen some of these scam sites get shut down within minutes of their initial scamspam run, so I know somebody cares.
Paypal and ebay are probably the most often targeted, but I'm starting to see larger banks getting phished, too.
Too bad my personal preference for dealing with these scumbags is not politically correct.