I recently activated my yubikey for blockchain.info.
So, I am wondering, if I would have fallen for that, would I have a problem?
Yes. You would enter your identifier/password into the phishing site along with your yubikey code then the attacker could instantly enter the same information into blockchain.info and have access to your wallet.
c) I don't have a blockchain account.
This is the only thing that can save you from future scams and hacks. You might have dodged this one even if you had a blockchain account, but scams get better and blockchain.info can get hacked too.
Not having a blockchain account or not storing any BTC there is the only viable option imo.
Everything is done on the client side (key creation, key encryption/decryption TX pushing) so as long as you are using their wallet you should be fine. You just need to be sure that you are actually using their wallet and not an imposter; their wallet is open source and is available on github so you could potentially get it from there and run it locally