Quote Originally Posted by Xehlwan View Post
Being on the correct site is what that advice is all about. A phishing site will always use http, since they are highly unlikely to have a trusted certification chain. Square Enix, on the other hand, will always use https for anything security related.

In short, if a link relating to your account uses http, rather than https, then the link is guaranteed to be fake. This makes it easy to dismiss phishing mails for FFXIV, even for those who are not versed in IT or webdesign. It doesn't make you impervious to fraud, but it is sound advice.
Not all of Square-Enix's pages are HTTPS. Some are HTTP. All account or log-in related things WILL be HTTPS, if they're not, get off the site asap and check manually.