The Windows Live team blogs writes:
Thanks to coordinated efforts across the tech industry, and partnerships between industry players who are a part of the Anti-Phishing working group, over the years most web services, users and other applications have become smarter at spotting tricks like link manipulation, phone phishing, and forged websites. Cybercriminals have adapted to improved vigilance by focusing on the consumers as easier targets than battling technology.
Unfortunately, even technologically unsophisticated attacks can be successful because people traditionally underestimate the value of their online identities, and the gates that this information can open.
In most cases, this type of phishing attack is carried out by sending a simple e-mail that appears to be from someone you know. It might appear to be from the customer support department of Hotmail or another webmail provider, or it may even appear to come from a friend of yours (most likely, the message went to their entire contact list) and asks you to provide the credentials for your webmail service or it instructs you to click a link. Probably every one of us has seen an attack like this by now!