2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
Disconnecting, finding the breech, restoring files from backups?
Agree. At the time I've posted my #2 I did not see yet the part about forums. It makes the perfect sense to take down an offending site - even if in this case it is your own one.
I just hope that this incedent will work as a wake-up call for IS and others.
Almost a year ago on this and other forums I've pointed to unsecure logins to all but one microstock sites. The reaction was from absent to "who the heck will go for your couple bucks". Apparently there is somebody out looking for spare change
BTW, #1 was also not exactly right, caused by slight difference in terminology. I just used to call "phishing attack" something much more serious. For this level of phishing IS is a perfect target - with good effort/profit ratio.