Elementary precaution: direct phishing to a machine that you have compromised.
Armies of compromised machines will be a growing problem unless and until ISPs are liable for permitting clearly compromised machines on their network to act maliciously. As long as the liability is moved to the edges of the network, no good solution exists.
Cheers,
Ben