bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3340483
User

Total CheckPhish Users

57180
People

Total CheckPhish Organizations

9530
Last scan updated on 2026/06/24 17:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

564358

Scam

488132

Total Count

1052490
Last scan updated on 2026/06/21 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
streaming
107718
2.
gambling
57143
3.
tech_support
24248
4.
online_store
17085
5.
warning
16780
6.
error_page
15489
7.
captcha
8771
8.
crypto
8560
9.
app_store
7690
10.
banking
3389
11.
adult
1512
12.
drug
1510
13.
domain_purchase
997
14.
domain_parking
925
15.
promo_code
791
16.
social_media
539
17.
gift_card
271
18.
directory_listing
122
19.
url_shortener
100
20.
crypto_giveaway
49
21.
traffic_stealer
30
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

185.199.109.153
26731
185.199.108.153
26710
185.199.111.153
26356
185.199.110.153
26338
199.36.158.100
19396
142.251.33.193
6679
142.251.45.129
6590
142.250.73.65
6290
142.250.69.161
6279
104.21.76.253
6178
216.198.79.195
6081
172.67.202.191
6069
64.29.17.195
6068
64.29.17.131
6011
142.250.73.97
6008
142.251.34.193
5998
216.198.79.131
5982
216.198.79.67
5930
64.29.17.3
5907
64.29.17.67
5833
216.198.79.3
5814
142.250.73.129
5697
104.18.54.45
3175
104.18.50.34
3125
172.67.195.65
2715
104.21.90.155
2665
104.21.20.254
2641
172.67.202.64
2603
216.198.79.1
1931
51.79.58.149
1788
142.250.73.142
1776
34.149.120.3
1775
35.190.31.54
1759
34.149.36.179
1759
172.66.44.107
1756
35.244.153.44
1742
34.120.190.48
1731
35.227.194.51
1729
34.160.81.203
1712
172.66.47.149
1695
34.160.17.71
1685
8.230.105.83
1671
185.158.133.1
1658
142.250.69.174
1643
172.67.182.206
1642
142.251.34.206
1550
104.21.32.45
1542
142.250.73.78
1533
142.250.73.110
1459
142.251.45.142
1450
104.21.44.99
1403
172.67.198.135
1313
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Get Help Now!
Image of Mid Year Report Cover
Report

2026 Fraud Trends & Prediction Report

Read the Report
buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Download Now
Image of Webinar
Webinar

Fraud Without Red Flags Webinar

Watch Now
Image of Takedown
One-Pager

Impersonation Takedown Website Guide

Download Now