Kate, clue #1 is "Dear Apple Customer".

Any email sent by a legitimate list holder will refer to you by name. For instance, a common HTML code phrase would be something like *|FNAME|*. You wouldn't see that, but you would see "Dear Kate", because it automatically retrieves the recipient's first name from the email list and inserts in the greeting and without the actual list (which the phisher wouldn't have) it can't be done.

Capice? smile