Apparently nothing really new, but the facts given are actually interesting: the types of attacks differ according to the security systems adopted by countries. Hence, Germany who favours strong identification procedures is attacked by Trojans and is rather left aside from the phishing method to frauding. On the contrary, the US are a very much liked destination by phishers. This data proves that security measures can be effective, even if they are not perfect. Hence, the law, especially criminal law, represents only a tool of last resort.
See "Banks under fire as phishing attacks accelerate" (19 March 2008) http://news.zdnet.co.uk/security/0,1000000189,39369892,00.htm