I know the head abuse guy at Godaddy. He is a reasonable person. He turns off large numbers of domains but he is human and makes the occasional mistake. The fact that everyone cites the same mistake tells me that he doesn't make very many of them. We cite this one because it was such an unbelievable cock-up it wasn't funny. Fyodor a blackhat? Seclists.org a malicious site? Honest to god did
the guy do even the teensiest little bit of due diligence before shutting the site down? I don't believe he did. There have been plenty of other examples of GoDaddy deleting stuff they shouldn't have. Seclists.org just takes the cake. An even better question would be why doesn't he read seclists.org in the first place? It would be an excellent way to keep on top of security problems- something someone in your friends position should probably be doing.
Actually, I have never seen any evidence that phishers use domain tasting. Phishers use stolen credit cards, so why would they bother asking for a refund? The motivation for tasting is typosquatting and "monetization", parking web pages full of pay per click ads on them. Tasting is a bad idea that should go away, but phishing isn't the reason. I agree that typosquatters and the like are the primary reason and that it should go away. As for the phishers- fine- say the problem is stolen credit cards. What then is the solution?
-Don