I've been getting phishing spam for six months now in which the drop box for harvesting addresses is hosted on a domain that lives on Namecheap servers. I send complaints, and get back the automated "we take abuse reports very seriously" email. Then a day or two later I get more phishing spam, almost always sent from a Bluehost IP address, almost always with the drop box hosted by Namecheap.