Most important is to act quickly against the fraud, thereby reducing its effectiveness. Once the risk is analysed, any fraudulent emails should be included as evidence to the internet service providers (ISP), together with a clear explanation of how the email/website is engaging in fraudulent behaviour.