When you take down a phishing domain or server, don’t just take it off the net: redirect it to this education page so victims of phishing can learn in the act of being suckered by a phisher that they should be more careful what they click on.

As someone in the audience pointed out, whatever you do don’t redirect phishing pages back to the actual sites being phished, i.e., if the phisher was pretending to be a bank, don’t take down the phisher’s redirect and replace it with a redirect to the bank itself. THat just teaches people the wrong thing, to follow a bad link.

Instead, link to the APWG/CMU landing page. Which could use a catchier name (how about Phishing: Fail!), but it’s already a really good service.