Hacking teams are targeting phishing websites in a spate of online vigilante attacks.
UK security firm Netcraft has spotted two recent phishing sites that were quickly taken down and replaced by pages warning customers of the attempted fraud.
A hacker known as 'sickophish' took down a site targeting PayPal customers, while a group known as 'The Lad Wrecking Crew' has defaced a number of phishing sites and even offers a website of images for others to use.
One defacement reads: "Were you looking for the bank that was supposed to be here? We trashed it because it wasn't real. You could have lost thousands of dollars of your hard-earned life-savings! There is no need to thank us, really."
Netcraft said in a statement: "Phishing sites are commonly found hosted on compromised web servers, where lack of security allows fraudsters to access machines and upload phishing content.
"If a fraudster exploits these security weaknesses without subsequently securing the machine, then online vigilantes are just as likely to exploit the weaknesses to go in and replace the fraudulent content."
The company noted that, while phishing is certainly against the law, there is a legal grey area over the criminality or otherwise of the hackers' actions, since the only person damaged by the attacks is a fraudster.
Indonesian overclocker Ivan Cupa (with the aid of a lot of liquid nitrogen) achieves record overclock on AMD's latest Threadripper
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane