I just received a phishing email pointing to http://www.chris-floyd.com/images/stories/tmp/pal.php but purporting to be from KiwiBank (I don’t bank with them).
A quick google and I found http://empireburlesquenow.blogspot.com/ and in the sidebar it says
Surely if there are relentless hackers you stay vigilant and look at what you have on your site that lets those hackers in. And clearly they’re in if they are using the site to phish.
I don’t know who Chris Floyd, the person, is but he needs to secure his site.