bs-bd-intro
Real-Time Statistics

Phishing Insights Center

At Bolster, we leverage data from our CheckPhish phishing community of security researchers worldwide to provide valuable insights into the ever-evolving threat landscape of phishing and scam attacks. By analyzing billions of data points collected from thousands of active security researchers, we equip organizations with knowledge to understand the state of phishing.

Phishing Insights Center
Crowdsourced Intelligence

Daily Phishing Highlights

We collect a vast amount of data, including the total number of scans conducted daily, the number of total users, and the active organizations within our research community. These statistics help us gauge the scale and impact of phishing attacks worldwide and how the security community is responding.

Search

Total Scans Daily

3542346
User

Total CheckPhish Users

56938
People

Total CheckPhish Organizations

9492
Last scan updated on 2026/06/15 19:00:00
Uncover Phishing Campaigns

In-Depth Phishing and Scam Analysis

In addition to the phishing highlights, our analysis dives deeper into the specific characteristics of these scans of phishing attacks. We review and report on various aspects, including :

Count

Total Phishing and Scam Counts

Quantifying the number of detected phishing attempts and scams provides a clear picture of the prevalent threats faced by businesses and individuals.

Phish

516063

Scam

521468

Total Count

1037531
Last scan updated on 2026/06/14 23:59:59
Cloud
Top Hosting Providers

Identifying hosting providers that unknowingly host phishing websites aids in collaboration between security teams and hosting providers to combat malicious activities.

Clipboard
Top Registrars

Tracking the registrars associated with phishing attacks aids in detecting and shutting down illicit domains more effectively.

Route
Top Countries of Origin

Understanding the countries where phishing campaigns originate provides vital insight into the geographic distribution of threats.

Global
Top-Level Domains (TLDs) Used

Recognizing the TLDs that are frequently abused by phishers helps identify potential sources of fraudulent activity.

Global
Categories

Identifying the top categories that attacker leverage for phishing and scam campaigns can help organizations be more alert about the risk to their industry.

1.
streaming
108574
2.
gambling
47721
3.
tech_support
43680
4.
warning
37868
5.
online_store
19132
6.
error_page
14747
7.
captcha
9691
8.
crypto
9041
9.
app_store
8096
10.
banking
2877
11.
drug
1670
12.
social_media
1328
13.
domain_parking
1271
14.
adult
1264
15.
promo_code
793
16.
domain_purchase
758
17.
gift_card
284
18.
url_shortener
208
19.
directory_listing
197
20.
traffic_stealer
95
21.
crypto_giveaway
54
Top IP Addresses

Analyzing IP addresses associated with phishing attacks assists in identifying potential sources of malicious activity and blocking them proactively.

185.199.108.153
26368
185.199.109.153
26062
185.199.110.153
25983
185.199.111.153
25957
199.36.158.100
19326
142.251.34.193
11073
142.251.33.193
10358
142.250.73.129
9866
142.250.73.97
8529
142.251.45.129
8213
142.250.69.161
7802
216.198.79.131
5945
216.198.79.67
5881
64.29.17.3
5848
64.29.17.195
5847
216.198.79.3
5820
142.250.73.65
5819
64.29.17.67
5810
216.198.79.195
5710
64.29.17.131
5686
172.67.202.191
5511
104.21.76.253
5482
3.90.95.192
4558
104.18.50.34
3424
104.18.54.45
3410
104.21.44.99
2187
172.67.198.135
2173
173.194.43.132
1929
35.190.31.54
1754
34.160.17.71
1750
51.79.58.149
1730
172.66.47.149
1726
35.244.153.44
1717
34.160.81.203
1716
34.120.190.48
1706
34.149.36.179
1701
142.250.69.174
1700
172.66.44.107
1669
35.227.194.51
1663
34.149.120.3
1630
8.230.105.83
1615
185.158.133.1
1560
142.251.34.206
1556
216.198.79.1
1538
142.251.33.206
1479
142.250.73.110
1442
142.250.73.142
1425
216.239.32.27
1342
172.253.117.132
1317
104.21.57.184
1313
142.251.45.142
1294
172.67.165.115
1264
Toolkit Analysis

Phishing Kit Metrics

In our continuous efforts to combat phishing, we closely monitor and assess phishing kits that are part of these phishing campaigns. These numbers provide important insights into the tools and techniques employed by hackers. Our analysis covers factors such as:

Search

Total Phishing Kits

Quantifying the number of phishing kits discovered allows us to gauge the proliferation of these malicious resources.

Email

Unique Drop Emails

Identifying the unique drop email addresses used for phishing attacks helps in tracking the infrastructure utilized by bad actors. A “drop email” refers to the email address that is used to collect users’ secret credentials from phishing websites.

Global Search

Domains with Victim Emails

Recognizing the domains where victim emails are being sent aids in the identification and mitigation of ongoing campaigns.

Protect Your Organization

Stop Phishing Campaigns From Targeting You

By comprehensively analyzing these scans of phishing campaigns, we gain a deeper understanding of the latest techniques and trends of hackers. This knowledge enables us to develop effective risk mitigation and phishing countermeasures to help organizations protect themselves from the growing threat of phishing and scam attacks.

Need to take down phishing and scam sites and contents?
Get Help Now!
Image of Mid Year Report Cover
Report

2026 Fraud Trends & Prediction Report

Read the Report
buyers-guide
Buyer’s Guide

Buyer’s Guide: Purchasing a Brand Security Solution

Download Now
Image of Webinar
Webinar

Fraud Without Red Flags Webinar

Watch Now
Image of Takedown
One-Pager

Impersonation Takedown Website Guide

Download Now