Namecheap is operating exactly they way they want to. Their abuse department will claim they can't find the domain you complained about (it's line 1), or say they're working on it, or say there's no evidence of abuse. Their Twitter account is far more responsive but it's still retroactive. Namecheap does nothing to stop crime gangs from registering an infinite number of new domains. Besides the Namecheap component, there are one or two high volume SMS spam crime gangs a well-established and stable infrastructure on Salesforce, Amazon, Cloudflare, and High Speed Web. Yes, they're all fully aware that they're hosting a credit card phishing gangs.