Skip to content
bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3203879
User

Total CheckPhish Users

57435
People

Total CheckPhish Organizations

9574
Last scan updated on 2026/07/05 23:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

596327

Scam

520869

Total Count

1117196
Last scan updated on 2026/06/28 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
streaming
110139
2.
gambling
70168
3.
tech_support
31799
4.
error_page
17507
5.
online_store
15854
6.
crypto
9906
7.
captcha
8803
8.
app_store
7401
9.
banking
2870
10.
drug
1682
11.
warning
1374
12.
adult
1372
13.
domain_parking
901
14.
domain_purchase
893
15.
promo_code
777
16.
gift_card
214
17.
directory_listing
189
18.
crypto_giveaway
104
19.
social_media
70
20.
url_shortener
65
21.
traffic_stealer
38
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

185.199.109.153
27501
185.199.108.153
27379
185.199.110.153
27147
185.199.111.153
27116
199.36.158.100
19463
142.251.45.129
9344
142.251.34.193
8656
142.251.33.193
8396
142.250.69.161
7350
142.250.73.65
7139
142.250.73.129
7086
142.250.73.97
6484
64.29.17.67
6146
216.198.79.131
6068
64.29.17.131
6062
64.29.17.195
5999
216.198.79.3
5930
216.198.79.195
5919
64.29.17.3
5918
216.198.79.67
5913
104.21.20.254
2788
172.67.195.65
2779
172.67.202.64
2763
104.21.90.155
2731
216.198.79.1
2169
142.250.73.142
1898
35.190.31.54
1807
142.251.34.206
1788
34.160.81.203
1768
34.149.36.179
1757
185.158.133.1
1755
35.244.153.44
1714
34.149.120.3
1712
172.66.44.107
1709
172.66.47.149
1707
142.250.73.110
1698
34.160.17.71
1696
34.120.190.48
1676
35.227.194.51
1660
142.250.73.78
1647
8.230.105.83
1633
51.79.58.149
1608
142.251.45.142
1529
142.250.69.174
1493
104.18.50.34
1324
172.67.199.62
1273
52.52.192.191
1240
13.52.188.95
1240
172.67.189.195
1223
104.21.50.18
1214
104.21.41.65
1211
104.18.54.45
1205
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Image of Mid Year Report Cover
Report

2026 Fraud Trends & Prediction Report

buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Image of Webinar
Webinar

Fraud Without Red Flags Webinar

Image of Takedown
One-Pager

Impersonation Takedown Website Guide