Too many people seem to think that some nebulous security force, perhaps, even a form of law enforcement, is engaged in taking down phishing sites. They may not even think about this subject at all. The security force thing is something that couldn’t be farther from the truth. In reality, the security community is a literal community that depends on practitioners finding malicious sources of information and acting on them. It’s a bit like the awareness see-something-say-something mantra. It is difficult to assess how many acts of violence and threats across the internet are revealed through a goodwill party that speaks up. But it happens, all the time. Most of us would prefer a nicer, gentler internet but there are always going to be outliers that see the internet as an opportunity to bait victims into giving up sensitive information and thus being exploited financially.