If the phisher has an idea of the timing of legitimate mailings that the user expects to receive, it will be that much easier to fool them.
Case in point, I recently achieved Elite status for my frequent flyer program (said status resulting in my pretzel packages being pre-opened as well as being allowed to use public washrooms in the airport).
Air Canada sent me the below asking me to login in order to customize which perks I want.
As far as I know, Air Canada does this for all Elite users at this same time each year.
Even if hadn't reached Elite status and got this mail, I'd be inclined to log-in to see if I could take advantage of their mistake.