Just say no to html email.
If someone wants to send me a webpage, they can put it on the web and email me the url.
Hmm. . . Tempts a person to go to their fake website with a script to just absolutely fill them up with bogus logins that won't work. That might be something to do the next time I get a scam e-mail like that.
If they have a lukewarm IQ, they'll log your ip, username, and password. That way, they can very quickly delete all entries from one IP if someone tries to poison the list.
I do that with some online polls, but only because online polls matter to some people. If they think there are a lot of people with an opposing viewpoint, they might at least take 5 seconds to reconsider their position. That's a win. Poll numbers mean nothing unless they're for an election.