That's bad advice. Email (which is, if you and your correspondent haven't made special arrangements, unencrypted) doesn't disappear from your computer and materialize into another at its destination - it travels along optical and wire pathways with nodes that give a motivated intruder lots of opportunities to read it. Having (specified name) in the To: field makes the pfisherman's job easier - he knows that email will contain valuable information, not just a whimper about the quality of the service on some random flight.

NEVER respond to suspicious email. If it dangles a carrot you can't resist, first forward it to the company security department. If you can't find the appropriate email address, shotgun to spam@, security@, pfishing@, postmaster@, etc.

[from aa.com: "If you have any questions regarding the legitimacy of an email you receive about an American Airlines sweepstakes, forward a copy of the email, including the header to [email protected] so that we can investigate further."

And to counter phishing, they've included the winners list at http://www.aa.com/i18n/urls/promowinners.jsp]