Try to make sure when commenting/warning about a phishing link, to avoid using the url itself. While you didn't include the http or www, some browsers / extensions can make that link clickable, and we want to avoid spreading the infection at all costs.
Preferably use something like badwebsite(dot)com.
Thanks!
Yep. Lesson learned.