Don't allow HTML rendering of <a> element where href links to another URL than shown, don't allow any (java)scripts to run, or at least give user a warning that he is about top open a new window into domain XYZ.
This is how I found out quite a few scams (apart from obvious ones with improper wording or visual formatting, but those are on purpose so bad to catch only most unskilled or gullible, ie your grandma)
This is how I found out quite a few scams (apart from obvious ones with improper wording or visual formatting, but those are on purpose so bad to catch only most unskilled or gullible, ie your grandma)