Most of mine come from ABSA - a no-brainer since I don't bank there. Of course, if I was stupid enough to open even one I would be a really model victim.
Some come from SARS - hard to detect but one can get their messages on the website so no need to open any of these.
I got a mail yesterday which I actually can't tell if it's genuine or not as the domain is correct. If it is genuine, the financial institution should be wrapped for sending stupid mails - thereby encouraging phishing.