Hacking teams are targeting phishing websites in a spate of online vigilante attacks.

UK security firm Netcraft has spotted two recent phishing sites that were quickly taken down and replaced by pages warning customers of the attempted fraud.

A hacker known as 'sickophish' took down a site targeting PayPal customers, while a group known as 'The Lad Wrecking Crew' has defaced a number of phishing sites and even offers a website of images for others to use.

One defacement reads: "Were you looking for the bank that was supposed to be here? We trashed it because it wasn't real. You could have lost thousands of dollars of your hard-earned life-savings! There is no need to thank us, really."

Netcraft said in a statement: "Phishing sites are commonly found hosted on compromised web servers, where lack of security allows fraudsters to access machines and upload phishing content.

"If a fraudster exploits these security weaknesses without subsequently securing the machine, then online vigilantes are just as likely to exploit the weaknesses to go in and replace the fraudulent content."

The company noted that, while phishing is certainly against the law, there is a legal grey area over the criminality or otherwise of the hackers' actions, since the only person damaged by the attacks is a fraudster.

Netcraft has just released an anti-phishing toolbar for the Firefox web browser.