Ahh. So with Google safe-browsing in Firefox and Chrome, and MS whateverthefuck filter, clearly there are no successful phishing attacks involving websites.
No, I've reported phishing domains that stayed up for over 48 hours. Google (stopbadware, opendns anti-phishing) and Netcraft respond pretty quickly to phishing reports but people still end up at the sites trying their damnest to log in.
Maybe hosting providers should be the same way when you report one of their servers as hacked and being used for a botnet check-in or malware hoster. Do nothing until a court order. That should work well!