Lucio
I'd love to know more details on this, is it that they simply setup sites that looked like Gmail/Hotmail et al or is more complex at that?
There were multiple scams involved in these phishing attacks. The emails all have the right logo, usually the company's standard disclaimer and all but the target link goes back to the original company. The English is good and the URL contains the company name at the front.
Here is a summary of a few phishing emails.
1) There is a video/picture of you click here.
2) Due to criminal attacks we have improved our security you now need to verify your account.
3) There is suspicious activity on your account login or we will delete your account.
The person clicks on a link that takes them to a very convincing spoof website. They login and the criminals use an
automated process to capture that information. Then they access the person's accounts, change their email and passwords, access the contacts and sends out emails from that person's account usually something similar to “there is a video” email. And because those contacts know the person sending them the email they click.
The important thing to note is how sophisticated that the systems are becoming. The phishing, gather data and using that data has become automated. The quality of the spoofing, English etc is very good.
So, it isn't that people are stupid. They could be tired, in a rush, see that their email account is going to be deleted- react before they think or just inexperienced/naive users.