bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3576785
User

Total CheckPhish Users

54358
People

Total CheckPhish Organizations

9122
Last scan updated on 2026/04/03 15:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

331225

Scam

469893

Total Count

801118
Last scan updated on 2026/03/29 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
streaming
80684
2.
error_page
54373
3.
tech_support
50816
4.
gambling
18664
5.
online_store
12080
6.
crypto
9405
7.
captcha
8909
8.
app_store
7031
9.
drug
5998
10.
domain_parking
4095
11.
banking
2338
12.
adult
2027
13.
social_media
1319
14.
promo_code
654
15.
warning
307
16.
domain_purchase
292
17.
gift_card
160
18.
directory_listing
100
19.
url_shortener
85
20.
traffic_stealer
6
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

185.199.108.153
17554
185.199.109.153
17473
185.199.110.153
17465
185.199.111.153
17302
199.36.158.100
16036
142.251.46.65
9745
142.251.33.193
9590
142.250.69.161
9239
142.251.45.129
9190
142.250.73.97
9052
142.250.73.129
8767
142.251.34.193
7500
216.198.79.195
6064
64.29.17.67
5953
64.29.17.3
5938
64.29.17.131
5925
216.198.79.3
5897
216.198.79.131
5876
216.198.79.67
5781
64.29.17.195
5780
199.192.22.141
4507
142.250.73.65
4506
111.90.156.28
1804
94.183.188.179
1643
54.37.207.59
1605
34.160.17.71
1538
172.67.185.206
1509
35.244.153.44
1498
34.120.190.48
1491
34.149.36.179
1468
34.149.120.3
1465
104.21.84.32
1462
35.190.31.54
1438
35.227.194.51
1402
34.160.81.203
1365
104.18.36.248
1325
172.64.151.8
1322
142.250.73.142
1321
142.251.34.206
1294
192.0.77.40
1276
38.47.255.125
1270
142.251.33.206
1186
104.21.32.97
1118
57.133.212.46
1111
35.220.216.74
1081
172.67.150.174
1061
142.250.69.174
1053
216.198.79.1
1041
142.251.46.78
1037
172.67.150.101
989
104.21.88.251
955
104.21.71.227
955
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Get Help Now!
Image of Mid Year Report Cover
Report

2026 Fraud Trends & Prediction Report

Read the Report
buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Download Now
Image of Webinar
Webinar

Fraud Without Red Flags Webinar

Watch Now
Image of Takedown
One-Pager

Impersonation Takedown Website Guide

Download Now