The blog, Feross.org, posted a good article on using HTML5 for phishing on Oct 8th. Now, to most security professionals, this type of attack will be easily bypassed, but this type of attack is meant for the same group fo people who help feed the African Prince that is trying to pay you by transferring his money through your bank account. In addition, this also targets those people who do not validate the websites they go to or allow scripting on all sites.
This article could be used to help educate, although in a highly technical way, users in how to look for and prevent the success of this type of attack. It is important that all the technical defenses applied to a network or system can be circumvented by uneducated or unaware users that do not practice proper security principles.