bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3366551
User

Total CheckPhish Users

54995
People

Total CheckPhish Organizations

9217
Last scan updated on 2026/04/20 14:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

358336

Scam

443406

Total Count

801742
Last scan updated on 2026/04/19 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
streaming
97583
2.
error_page
31000
3.
gambling
24377
4.
tech_support
22763
5.
online_store
17520
6.
captcha
10779
7.
crypto
7801
8.
drug
7645
9.
app_store
6737
10.
domain_parking
6082
11.
adult
5130
12.
social_media
2055
13.
banking
2023
14.
promo_code
870
15.
warning
507
16.
domain_purchase
286
17.
gift_card
192
18.
directory_listing
69
19.
url_shortener
48
20.
crypto_giveaway
42
21.
traffic_stealer
14
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

185.199.108.153
19297
185.199.109.153
19168
185.199.111.153
19147
185.199.110.153
18970
199.36.158.100
15534
209.74.68.24
7643
64.29.17.67
6514
216.198.79.195
6434
64.29.17.131
6419
216.198.79.67
6393
64.29.17.195
6308
64.29.17.3
6272
216.198.79.131
6237
216.198.79.3
6210
68.168.223.226
5154
142.251.34.193
5045
142.250.69.161
5028
208.67.249.109
4086
142.251.33.193
4062
142.250.73.97
3680
142.250.73.65
3638
142.251.46.65
3580
142.250.73.129
3154
142.251.45.129
2950
111.90.156.28
2499
172.66.154.160
2066
104.20.41.79
2051
91.195.240.19
2017
172.67.185.206
1672
172.66.43.66
1603
172.66.40.190
1596
104.21.84.32
1575
35.227.194.51
1558
34.120.190.48
1552
151.101.22.114
1552
199.192.22.141
1534
35.244.153.44
1529
34.149.36.179
1505
23.227.38.65
1441
34.149.120.3
1433
35.190.31.54
1399
34.160.81.203
1378
142.250.73.142
1332
34.160.17.71
1321
172.64.151.8
1305
104.18.36.248
1303
146.75.42.114
1290
217.60.39.100
1249
199.192.21.194
1247
104.18.6.89
1232
142.251.46.78
1214
104.18.7.89
1207
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Get Help Now!
Image of Mid Year Report Cover
Report

2026 Fraud Trends & Prediction Report

Read the Report
buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Download Now
Image of Webinar
Webinar

Fraud Without Red Flags Webinar

Watch Now
Image of Takedown
One-Pager

Impersonation Takedown Website Guide

Download Now