This reported by the WSJ today may explain the mess we were in: Microsoft says it has helped pull the plug on a massive criminal platform that sold ready-made online hacking kits for budding cybercriminals.
The move, announced Wednesday, involved seizing more than 300 web domains, including fraudulent website login pages, the company said. Working with Cloudflare, a cloud service provider, it also blocked the digital infrastructure that supported the phishing tools used by countless hackers to fool targets into clicking on malicious links.