In this case, the user’s trust is placed in the legal system. This breaks down in situations where the user’s legal system has no jurisdiction over the entity that screwed him over. The fact that phishing may be illegal in the U.S. carries absolutely no weight in other nations.

Furthermore, calling the cops on some online entity is an enormous investment of time and effort when compared to real life where all the user has to say is, "The shop on 1234 Fifth St. stole my money." There is only one 1234 Fifth St where the local police have jurisdiction, and the user can not confuse the location or the shop with any other.—Sandro

Yet people are giving away credit card and other personal information quite freely. —szabo

Because all the information the user needs to make informed decisions is hidden behind the impenetrable "little black box" that is the user interface (or isn’t even there in the first place). If presented the proper information, the user can make more intelligent decisions. They will be able to distinguish the online equivalent of buying something off a truck in an alleyway, versus buying it at Walmart. They will then, hopefully, be a little more discriminating with their information.

The current situation of "personal info free-for-all" is akin to those annoying dialog boxes to which the user simply clicks "ok"; they can’t tell a bad online decision from a good one because they either have insufficient information, or it’s represented in such a way that they cannot understand it, but they need to get stuff done, so onward they go.—Sandro