So far, we've caught security companies RSA and CA sending out emails with masked links - just like phishers often do.
Today, we have a new example, this time from an email sent out by Internet Security System. Their email looks like it's linking to icsalabs.com but really links to "rm04.net" - whatever that is:
However, it's not all bad. We never got feedback from RSA regarding our comments but apparently they are paying attention. I just received a marketing email from them. This time the masked links are gone and the mail starts off with a link to an explanation page. Nice! Although signing the message would be even nicer...