I have never had my credentials on anything compromised. I work in computer security so I am a bit more cautious I guess.

Whenever you get an email that includes a link where it asks you to log in stop and take a close look at the message. If you click on the link it will load up your browser and then you can see the domain. Copy the domain name and go to DNS411.com and do an swhois on it. It will show you who owns that domain.

It is mainly just slowing down and being cautious.

I do think that the OPs idea is a good one, however but it might never be implemented.