Recently I received a very legitimate-looking email supposedly from Facebook. It wanted me to click on a link to read a message. Even though the visible link text shows the link going to facebook.com, the actual link would have taken me to a Romanian web site.
The trick: in Outlook 2007, hover over (do not click on) the link with your mouse. The real destination will appear in a small window. If the address doesn’t match the one in the email, or if you are not sure it is the valid address of a trusted vendor, don’t click on it!