Compromised phishing host notification

Hi all,

I had a question about notifying the owners of a site that appears to
be compromised and hosting a phishing page. For instance, I received
a phishing mail today which linked to something like
where was a small business here in the US.

Are there any common guidelines to notify the domain owners in a
situation like this, assuming I wanted to send them a friendly notice
and have no further involvement? Would there be any possible legal
issues from a casual email, and would this be an effective way to deal
with the site?
What about a service like CastleCorps PIRT? (
Is this more effective?


This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise