Thanks very much, I had not considered that approach and it is serious food for thought! :)

It is quite a common. We have an 'awareness' program for our staff. Unfortunately we don't have one for our customers. Not giving away out company name, lets assume we are Evil Corporation, and out domain is evil.com. Some bright kid registered evill.com; two Ls at the end. He then emailed one of our customers and said our banking details had changed. This is the customer's loss, because he still has to pay us. The domain was registered through a questionable ISP making it very difficult to trace the true owner. My advice to the customer was to have the police follow the money; into who's bank account was the money paid. Nothing succeeds like a budgie without teeth.

You're welcome. Just remember that free advice is worth every penny. :) I strongly urge you not to take further steps without consulting your solicitor. If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill