He's right. Most of the time, the things that tip me off are the misspelled words and poor grammar; also, the conflicting information. For example, getting an email message from Chase Bank with a signature from a Wells Fargo employee. A lot of people are one well versed phisher from losing a lot of time and money.
There was a story on HN not too long ago where a stereotypical 419 scammer explained why the schemes haven't gotten more sophisticated. Basically, it's a waste of time and resources targeting people who aren't either senile, naive, highly religious, or just plain morons. Using proper grammar and a well-thought-out background story will just bring your scam to the attention of people who might have the ability to investigate or otherwise interfere with it.
Put another way, if you want to steal a million dollars, do it by stealing $100 from 10,000 people. Much safer than stealing $100,000 from 10 people.
Once I got a letter from Bank Of America that they had noticed weird activity on my home equity line of credit, with a weird phone number to call to talk. No one answered that number, and I don't have an equity line.
Back when "Verified by Visa" first came out, and I first saw such a page, I called my credit card company to see what was up.
The customer service people at the card had no clue what was going on. They'd never heard of it either. They told me they'd escalate the question to a manager and call my back, but they never did.
