How to not be phished
A Case Western Reserve researcher was fooled by an email into giving out his Bank user id and password. the email took him to a site that looked like Keybank, but it was a scam. Doubtless there will always be thiis type of phishing attack, and there are various ways of seeing whether the link in emails are real, then the hackers wil develop new techniques.
There is a a foolproof method to avoid this problem without regard to the technical aspects of the fake links. When you get an email from anywhere that has a link in it, if it's not an expected email, do not click it. Just open a web browser and type in the address you want directly. If I may be permitted a violent metaphor, no one is hacking fingers yet.