Hacking teams are targeting phishing websites in a spate of online vigilante attacks.
UK security firm Netcraft has spotted two recent phishing sites that were quickly taken down and replaced by pages warning customers of the attempted fraud.
A hacker known as 'sickophish' took down a site targeting PayPal customers, while a group known as 'The Lad Wrecking Crew' has defaced a number of phishing sites and even offers a website of images for others to use.
One defacement reads: "Were you looking for the bank that was supposed to be here? We trashed it because it wasn't real. You could have lost thousands of dollars of your hard-earned life-savings! There is no need to thank us, really."
Netcraft said in a statement: "Phishing sites are commonly found hosted on compromised web servers, where lack of security allows fraudsters to access machines and upload phishing content.
"If a fraudster exploits these security weaknesses without subsequently securing the machine, then online vigilantes are just as likely to exploit the weaknesses to go in and replace the fraudulent content."
The company noted that, while phishing is certainly against the law, there is a legal grey area over the criminality or otherwise of the hackers' actions, since the only person damaged by the attacks is a fraudster.
HP ZBook x2 offers 32GB RAM, M.2 SSD with up to 2TB storage and Nvidia Quadro GPU
Laptops should be able to offer true all-day working, and some
CGN has created an "online capability gap" between cyber criminals and law enforcement, says Europol
ISPs use Carrier Grade NAT to share IP addresses amongst multiple users
Attack revealed bugs and potential security flaws that were later exploited in real-world cyber attacks