bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3238062
User

Total CheckPhish Users

50648
People

Total CheckPhish Organizations

8467
Last scan updated on 2025/12/13 18:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

440923

Scam

329022

Total Count

769945
Last scan updated on 2025/12/07 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
tech_support
68715
2.
streaming
55910
3.
gambling
49751
4.
crypto
16551
5.
online_store
13203
6.
captcha
11383
7.
banking
9100
8.
error_page
7837
9.
domain_parking
6795
10.
app_store
3225
11.
adult
2908
12.
drug
2566
13.
social_media
506
14.
promo_code
422
15.
gift_card
234
16.
warning
44
17.
domain_purchase
32
18.
url_shortener
14
19.
traffic_stealer
1
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

199.36.158.100
20242
185.159.247.146
17796
185.199.108.153
14097
185.199.111.153
13873
185.199.109.153
13859
185.199.110.153
13801
104.18.36.248
10700
172.64.151.8
10458
194.156.26.4
8484
107.175.238.119
7466
216.198.54.11
7327
216.198.53.11
7271
45.10.243.9
7042
34.91.226.152
6780
34.90.14.205
6780
216.198.54.6
6101
216.198.53.6
6010
185.159.247.239
5406
172.93.121.124
5318
104.18.24.229
5254
104.18.25.229
5201
45.10.243.25
4579
151.101.22.114
4365
108.163.225.126
4198
4.210.159.65
4083
146.75.42.114
4072
3.175.34.33
3659
3.175.34.52
3637
3.175.34.118
3624
3.175.34.70
3539
104.21.78.222
3461
172.67.137.220
3453
91.108.107.93
2993
104.18.4.28
2863
104.21.32.199
2851
104.18.5.28
2815
172.67.154.179
2765
162.0.222.130
2576
185.159.247.105
2325
3.169.173.108
2213
104.21.10.137
2208
104.18.27.243
2195
104.18.26.243
2193
172.67.131.126
2182
3.169.173.45
2145
3.169.173.73
2141
3.169.173.18
2133
104.18.50.34
1952
104.18.54.45
1930
52.23.100.163
1923
3.169.173.85
1923
3.169.173.67
1901
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Get Help Now!
buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Download Now
Image of Feb Webinar
Webinar

How Leading Brand Automate Customer-Reported Phishing Threats

Watch Now
Image of AI Web Monitoring
Datasheet

Discover the Bolster AI Web Monitoring Datasheet

Read Now
Image of AI App Store Monitoring
Datasheet

Discover the Bolster AI App Store Monitoring & Takedowns

Learn More