
There are various reasons that #3 is particularly useful, though I think the original writer was probably more concerned with links in e-mail or links on sites other than the site you're being asked to log in to (such as links from advertisements or other third-party sites):

1) Similarities in the way letters look in certain fonts can cause you to think you're on the correct site when you are not. This is mitigated by EV SSL usually, but if you're not paying close attention you might miss it.

2) Browser exploits (though I'm unaware of any specific ones in current browsers) have commonly focused on tricking the browser into displaying one URL when the page is actually being hosted by another.

3) Links in e-mail, specifically, asking you to "login and update your information" (or "login and sign up for paperless billing now!") are pretty common, especially when combined with some perk. Often these links use redirection to gauge the effectiveness of the e-mail campaign, so it's common for the link to look strange. If the e-mail is a phishing attack, that redirection could include code injection resulting in you being sent to the right URL to log in, but with malicious code inserted to capture credentials or do other fun and exciting things. Of course, the site would have to have some existing XSS vulnerability on the login page, or the code would have to be attacking a browser/plug-in vulnerability, for you to see the EV SSL indicator properly in the address bar.

The last point is also usually mitigated by extensions like NoScript in Firefox.
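The following is an added example, not code from the comment above or from the article it discusses. It is a small offline triage script for a link as it appears in an e-mail: it unwraps the tracking-style redirect parameters described in point 3 without touching the network, checks whether the final hostname is the expected login host or merely looks like it (the look-alike problem in point 1), and flags script-like content in the final URL's path, query or fragment, which is exactly the payload that would only matter if the real login page had a reflected XSS bug. The expected host `login.example.com`, the list of redirect parameter names, the script markers and the confusable-character table are all assumptions chosen for illustration, and the sample links are constructed, not taken from any real campaign.

```python
"""Offline triage of a link lifted from an e-mail (constructed example)."""
import unicodedata
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: the host the reader is actually being asked to log in to.
EXPECTED_LOGIN_HOST = "login.example.com"

# Assumption: parameter names that mail trackers and open redirectors
# commonly use to carry the real destination (heuristic, not exhaustive).
REDIRECT_PARAMS = ("url", "u", "redirect", "redirect_uri", "next", "target", "goto", "dest")

# Assumption: substrings that have no business in a login URL.
SCRIPT_MARKERS = ("<script", "javascript:", "onerror=", "onload=", "<svg", "<img", "<iframe")

# Assumption: a deliberately small look-alike table (digits and Cyrillic letters
# that render much like ASCII letters in common fonts).
CONFUSABLES = {
    "0": "o", "1": "l", "\u0430": "a", "\u0435": "e", "\u043e": "o",
    "\u0440": "p", "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
}
MULTI_CONFUSABLES = {"rn": "m", "vv": "w"}


def skeleton(host):
    """Map a hostname to a crude look-alike skeleton (simplified TR39-style)."""
    s = unicodedata.normalize("NFKC", host).lower()
    s = "".join(CONFUSABLES.get(ch, ch) for ch in s)
    for seq, rep in MULTI_CONFUSABLES.items():
        s = s.replace(seq, rep)
    return s


def unwrap_redirects(url, max_hops=5):
    """Follow redirect-carrying query parameters without any network access.

    Returns the chain of URLs from the one in the e-mail to the best guess at
    the page the browser would finally land on.
    """
    chain = [url]
    for _ in range(max_hops):
        params = parse_qs(urlsplit(chain[-1]).query, keep_blank_values=True)
        nxt = None
        for name in REDIRECT_PARAMS:
            for value in params.get(name, []):
                candidate = unquote(value)  # tolerate one extra layer of encoding
                if candidate.lower().startswith(("http://", "https://")):
                    nxt = candidate
                    break
            if nxt:
                break
        if nxt is None or nxt in chain:  # nothing further, or a redirect loop
            break
        chain.append(nxt)
    return chain


def hostname_findings(host):
    """Explain why a hostname might fool someone glancing at the address bar."""
    if not host:
        return ["no hostname"]
    if host == EXPECTED_LOGIN_HOST:
        return []
    findings = []
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode label (IDN shown in encoded form)")
    odd = [ch for ch in host if ord(ch) > 127]
    if odd:
        names = ", ".join(unicodedata.name(ch, "?") for ch in odd)
        findings.append(f"non-ASCII characters in hostname: {names}")
    if skeleton(host) == skeleton(EXPECTED_LOGIN_HOST):
        findings.append(f"visually confusable with {EXPECTED_LOGIN_HOST}")
    else:
        findings.append(f"host {host!r} is not the expected login host")
    return findings


def analyze_email_link(url):
    """Return where the link really goes and everything suspicious about it."""
    chain = unwrap_redirects(url)
    final = urlsplit(chain[-1])
    findings = hostname_findings(final.hostname)
    if final.scheme.lower() not in ("http", "https"):
        findings.append(f"unexpected scheme {final.scheme!r}")
    # Decode once more so that a percent-encoded payload is still caught.
    haystack = unquote(final.path + "?" + final.query + "#" + final.fragment).lower()
    for marker in SCRIPT_MARKERS:
        if marker in haystack:
            findings.append(f"script-like content in URL: {marker!r}")
            break
    return {"chain": chain, "final_host": final.hostname,
            "findings": findings, "safe_to_click": not findings}


if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    samples = [
        "https://login.example.com/signin",
        "https://click.mailer.example/r?id=42&url=https%3A%2F%2Flogin.example.com"
        "%2Fsignin%3Fmsg%3D%3Cscript%3Ealert(1)%3C%2Fscript%3E",
        "https://login.ex\u0430mple.com/signin",   # Cyrillic a
        "https://1ogin.example.com/signin",       # digit one for letter l
    ]
    for s in samples:
        r = analyze_email_link(s)
        print(r["final_host"], r["findings"])
```

The second sample is the case the comment describes: the tracking link lands on the genuine login host, so the address bar (and any EV indicator) would look right, yet the unwrapped destination carries a `<script>` payload that only a reflected XSS bug on that page could turn into credential theft. The skeleton comparison is deliberately crude; a production tool should use the full Unicode confusables data rather than a hand-picked table.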


