If you think that title sounds frivolous, think again. Unlike many crimes including at times murder, phishing has arguably no mitigation.
Phishing is a crime that has primarily two motivations. By far the most common is simple financial gain, ie theft. The other primary motive is criminal damage of one sort or another. This criminal damage may itself have a motive; it may be political; it may be an act of revenge; or it may be committed against all and sundry simply for the hell of it.
In addition to drug users (drug use being a victimless crime), our prisons are full of people who turn to crime because they are unable to earn an honest living, like the character discussed here. Such people may be unpleasant, anti-social and by definition criminal, and you might like to give them a wide berth, but they have an excuse - they don't know any better; they can't manage any better. Phishers do not have this excuse.
Phishing requires a certain amount of technical skill. If you don't think so, answer the following questions:
Can you forge an e-mail header?
Can you create a Trojan or similar malware that will take control of another computer?
Can you create a virus that will scan another person's PC to steal passwords and the like?
Anyone who can do any of the above has a certain technical nous about computers, programming and the cyber world generally. And anyone who has that level of skill is perfectly capable of making both an honest living and a good one. Okay, he may not be able to afford a house on millionaires' row in whichever country he lives, but he certainly won't go hungry working part time.
Most of us find our inboxes awash with phishes, and some are so extremely realistic that often you simply can't tell. There are ways to minimise if not to stop this entirely. One way is to set up a second e-mail account and use this only for Amazon, Paypal and so on. Thus any e-mails from Paypal to your main account will be clearly identifiable as bogus, like the first example below.
You can also trace e-mails fairly simply.
It would be better for all of us though if the authorities were to clamp down hard on phishers. In June this year, two members of an organised gang were given 80 month and 27 month sentences, while a man who stole a million pounds received only an eight year sentence. In practice he will almost certainly serve considerably less. If these people were given proper sentences - as in China, and if the police forces of the world hunted them down with the same enthusiasm they pursue halfwits on Twitter, organised phishing could be purged globally within a month or two.
Computers, web browsers and search engines are doing their best to stay one step ahead of the crooks. The above is what I saw when I clicked on a suspicious link sent ostensibly by someone on LinkedIn.