This is not "hacking back." This is setting up honeypots and lurking carding forums. I think it's important that this kind of behavior doesn't get lumped into the same bucket as a counteroffensive. The idea of hacking as retribution is one of the dumbest corporate indecent response ideas I've heard taken seriously. The most obvious and convincing arguments against it are just the arguments against vigilante justice, which it is.
Undercover hacking team diary, day 2: "We've discovered a ring of people hell-bent on wreaking havoc with the world economy for profit - found them by breaking into a secret server located at 127.0.0.1"
> a coterie of non-existent bankers, with fake e-mail addresses and biographies, whose details appear on bogus web pages not linked to the rest of the bank’s website.<p>So how do I, fraudster, find them ?<p>And if I do, now a little bit of link work will reveal them