Sure, but there are about a million times as many people able and motivated to do the wifi-neighbor attack than the stalker-ISP-gnome attack. And as people with true identities in a stable position of authority at as service provider, the gnomes are easier to find and hold accountable.
This difference -- from random anonymous stranger whose only invested in software, to physical infrastructure with paid staff -- is also one reason bank phishing attacks happen via websites and not actual storefronts made to look like real banks.
If the only threat to Twitter and Facebook users was ISP-gnomes, the websites could put off fixing the issue for another decade.