It's hard to know at what point repeating advice about phishing does more harm than good as it becomes background noise but there are some useful tips to be found on the Microsoft antiphishing site.

Always double check links in emails before clicking on them. In fact I would go further than that to say never left-click on a link in an email. It is much better to right click on the link and copy the address to the clipboard first. Look at it for suspicious content. Otherwise enter the address of the site by hand using the address you always do. Why risk clicking on a link that purports to be from a bank if you already know the address.

Instant Messaging is also risky now. For example I managed to rickroll someone by changing the text displayed for the link to something other than the link itself. We had all just assumed that the Instant Messages were plain text and the software automatically created the links when it detected an URL. In fact the messages are HTML so it is possible to have a different link to the text that is displayed. I also got caught out by clicking on a link that installed a Trojan.