A vulnerability has been found in IE7 that would allow a Phishing site to be displayed on a users screen...
The user has provied proof if concept code that can show you the problem in action.
"Phishing using IE7 local resource vulnerability" at
Aviv Raff On .NET - Phishing using IE7 local resource vulnerability