This morning, I got a phishing e-mail pointing to:

http://www.securecitibank.us

It won't be long before domain name registars are forced to treat phishing target names specially to prevent this sort of things from happening.

PhishGuard TODO: If a link's textual content appears to be a URL yet differs from the link's URL, flag it as a possible phishing attempt.