Not heard it called phishing before..ussually called spoofing. And you -can- tell its being done, if you look at all the headers carefully.
Of more concern is an email I got from "Citibank" asking me to change my PIN. The link said
http://citibank.blahblahblah, but actually lead to a site with no DNS entry- if you looked in the status bar. If you didn't, and clicked on the link you got an exact copy of the Citi website. Even the first part of the domain name was right- but if you read farther the spoofing was there.
Of course, I'm not a Citibank customer..so I KNEW something was fishy. Wonder how many people will fall for that.