It's a well-documented global problem.
> and you fix it with regulation,
Governments are often not opposed, and sometimes active encouragers or procurers of the ISP injection.
Also, the HTTPS requirement for .dev domains is regulation, even if it isn't government regulation.
Defrauding someone electronically is illegal but you still encrypt your data in transit.
