[Nextgrid]

> He also can get prosecuted and potentially jail time for such a gamble.

I'm sure such a threat is definitely going to stop the bad guys, so let's not worry about actual security. /s

The people that should be prosecuted are the ones falling for such an obvious fraud. If you're in control of the .gov TLD and explicitly tell people to use the domain as a sign of legitimacy you are expected to know what you're doing and not be an idiot like the people currently running it.