bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3036772
User

Total CheckPhish Users

47483
People

Total CheckPhish Organizations

7887
Last scan updated on 2025/09/26 20:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

505108

Scam

213891

Total Count

718999
Last scan updated on 2025/09/21 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
streaming
105167
2.
gambling
85562
3.
tech_support
51097
4.
online_store
13049
5.
crypto
11665
6.
captcha
6843
7.
banking
4089
8.
drug
3478
9.
app_store
2333
10.
error_page
2254
11.
domain_parking
1000
12.
promo_code
886
13.
adult
657
14.
domain_purchase
628
15.
gift_card
305
16.
url_shortener
74
17.
directory_listing
63
18.
warning
49
19.
crypto_giveaway
31
20.
social_media
30
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

185.199.111.153
28592
185.199.108.153
28559
185.199.109.153
28205
185.199.110.153
28172
199.36.158.100
18709
216.198.54.6
12343
216.198.53.6
12330
104.18.36.248
12130
172.64.151.8
11984
194.156.26.4
9718
66.85.46.143
9584
194.156.26.6
9008
80.82.76.140
8913
23.202.205.203
8289
185.159.247.103
8152
185.159.247.105
6989
94.102.51.95
6270
185.159.247.239
5873
54.37.204.38
5444
185.159.247.146
5360
172.67.164.143
5337
104.21.89.194
5288
172.67.71.226
4651
45.10.243.9
4627
104.26.3.211
4625
104.26.2.211
4592
104.21.37.85
4241
172.67.206.36
4205
104.26.10.230
3928
172.67.69.233
3885
34.90.14.205
3881
34.91.226.152
3870
104.26.11.230
3860
104.20.45.115
3609
172.66.150.17
3582
34.91.234.242
3173
34.91.142.64
3159
91.215.40.58
2945
172.67.73.59
2886
104.26.3.39
2822
64.29.17.67
2817
216.198.79.131
2781
216.198.79.67
2766
64.29.17.195
2744
216.198.79.3
2732
216.198.79.195
2730
104.26.2.39
2725
173.236.196.161
2680
172.67.129.106
2664
64.29.17.3
2653
104.21.1.142
2642
64.29.17.131
2627
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Get Help Now!
buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Download Now
Image of Feb Webinar
Webinar

How Leading Brand Automate Customer-Reported Phishing Threats

Watch Now
Image of AI Web Monitoring
Datasheet

Discover the Bolster AI Web Monitoring Datasheet

Read Now
Image of AI App Store Monitoring
Datasheet

Discover the Bolster AI App Store Monitoring & Takedowns

Learn More