I got an email this morning that claimed £40 ish pounds was speant on my Apple account.
The email looked realistic enough and the cancel href linked through to a website called:
http://firstname.lastname@example.org. [Who is Lookup](https://sign.tcns.com/dot-root/whois.cfm?domain=callmarty&security=on&action=whois&http://www.tcns.com/alerts/ie.html)
That forwarded on to:
http://www.securing561.idcaseapp875.co.uk/app/account/login.php?itunes=_connect-run&secure=2w83749283749827498787297. [Who is lookup] (http://www.nominet.uk/whois/?query=idcaseapp875.co.uk)
Which was registered to 1&1 Internet.
It was easy enough to report the email, however it isn't clear how you can report these URLs to hosters.