There doesn't seem to be a lot one can do against that kind of attack, other than maybe introducing a convention for a reminder on each login page that the user should check that the URL starts with "http://%SUBDOMAIN%.%COMPANY%.com".
An attacker could still create a subdomain like http://mail.google.com.evil.com/. The problem comes from mobile phones not showing the whole domain due to lack of screen space.
A nice reminder of the critical design failure of DNS - putting the domains from leaf to root (reverse of file systems) will be a security and usability problem for decades.
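The hostname from the comments above, worked through as an added example that is not part of the original thread: it finds which domain actually owns the name, shows what a display that keeps only the first characters would present, and prints the root-first ordering the last comment alludes to. The suffix set is a small constructed stand-in for the Public Suffix List, and all function names are hypothetical.

```javascript
// Constructed subset of the Public Suffix List (assumption); real code should load the full list.
const PUBLIC_SUFFIXES = new Set(["com", "org", "net", "co.uk"]);

// Return the registrable domain (public suffix plus one label), or null if there is none.
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  // Try the longest candidate suffix first so "co.uk" is matched as a whole.
  for (let i = 1; i < labels.length; i++) {
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      return labels.slice(i - 1).join(".");
    }
  }
  return null;
}

// True only when the URL's host belongs to expectedDomain; a prefix match is never enough.
function isExpectedSite(urlString, expectedDomain) {
  let url;
  try { url = new URL(urlString); } catch { return false; }
  return registrableDomain(url.hostname) === expectedDomain;
}

// What a narrow display shows if it keeps only the first `width` characters.
function leftTruncated(hostname, width) {
  return hostname.length <= width ? hostname : hostname.slice(0, width - 1) + "…";
}

// Alternative display: elide from the left so the owning domain stays visible.
function rightAnchored(hostname, width) {
  return hostname.length <= width ? hostname : "…" + hostname.slice(hostname.length - (width - 1));
}

// Root-first ordering, like a file-system path: the owner of the name comes first.
function rootFirst(hostname) {
  return hostname.split(".").reverse().join(".");
}

const host = new URL("http://mail.google.com.evil.com/").hostname;
console.log(registrableDomain(host));   // owning domain
console.log(leftTruncated(host, 16));   // narrow-screen view, leaf-first
console.log(rightAnchored(host, 16));   // narrow-screen view, owner kept
console.log(rootFirst(host));           // root-first rendering
```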