The criminals who phish are quick to switch methodology. When one tactic is not productive enough, the phishers change to a new tactic. The noticeable change has been that there is less emphasis on spoofed web sites. There are new methodologies:
“…more phishers began asking victims to install browser plug-ins or other types of software. To pull this off, they’d send e-mail that comes with malicious software that’s supposed to be a security update from a bank. Sometimes they’d simply purchase time on infected botnet computers and install code that steals banking credentials from machines that had already been hacked.
Attacks that install malicious software are easier to launch than they’ve ever been and are clearly on the rise, said Mickey Boodaei, CEO of Trusteer, a security company that makes desktop security software used by banks. “We’re seeing a clear shift from phishing attacks.”"
You may not install plug-ins knowingly. However, it is possible that plug-ins and/or malware have been installed by stealth methods. Checks for updates to your security software and run those programs on a consistent, regular basis. You may be busy but you will be preventing a whole myriad of problems if you maintain strict security habits.