Phishing attacks have been around for a long time, but they’re increasing in frequency, and they’re also getting more sophisticated. And no one is safe, regardless of what operating system you use since recent attacks of this type are targeted toward the web browser and browser plug-ins rather than the OS.
They still usually begin with an email message. Some of these are pretty obviously phony, like the message I received recently purporting to be from hmrc.gov.uk (Her Majesty’s Revenue & Customs), notifying me that I have been determined to be eligible for a tax refund if I just complete the attached form (which, of course, contains a malware file). The fact that I’ve only been to the U.K. once and have never filed a tax return there was the big clue that this might not be legit. But it’s well done, and might very well fool some U.K. residents.
Read here about how phishing attacks are evolving.