Never thought of that browsers could recognize such an "IP" address:

http://1113515567/

Actually, the linux wget utility also understands it.

The above obfuscated URL points to IP 66.94.230.47, i.e. one of the www.yahoo.com's servers.

I wouldn't notice this not until a phishing mail to my mailbox uses this technique.  Of course, that mail didn't point me to yahoo but something else.

After playing with the numbers for a while, it appears that IP address is nothing more than just a 4 digit number of base 256.  So, the big decimal above is the decimal representation of this 4-digit number.

Perhaps it's not by intention but simply natural.  A better explanation at lumphammer.net.  Actually, it was something dated 2002.  It details also one URL obfuscation method for use in phishing.

Reading mails becomes more and more a military activity nowadays.  You have to play minesweepers a lot in order not to step into shit.  Anyway, perhaps the easiest strategy is just not to click on any link from strange mails, except for curious cats (with high defense PC setup...) like me...