Phishing Activity: Key Statistics
February 1, 2022 - April 30, 2022
We analyzed URLs, domain names, and IP addresses that have been reported for phishing. These and other metadata - e.g., registration data, DNS zone data, attack type and targeted brand - allow us to determine where phishers are acquiring resources for their criminal activities. Indicators of compromise allow us to distinguish hostnames delegated from domains that were purposely registered for phishing campaigns from hostnames assigned to compromised web sites that were delegated from domain names for legitimate purposes.
During the February 1, 2022 to April 30, 2022 period, we measured phishing attacks, the number of unique domain names reported for use in phishing attacks, the Top-level domains where these domain names were registered, the gTLD registrars that processed the domain name registrations, and where the domain names were hosted when the phish was reported. We also identified brands that were targeted by phishers.
We’ve also identify domains that we believe were purposely registered for phishing attacks - malicious domain registrations - and report these.
| Measurement | Count |
|---|---|
| Phishing attacks reported | 303,348 |
| Unique domain names reported for phishing | 223,324 |
| Maliciously registered domains reported for phishing | 147,036 |
| Top-level Domains (TLDs) where we observed phishing | 519 |
| gTLD Registrars that had domains under management reported for phishing | 453 |
| All Registrars that had domains under management reported for phishing | 1,063 |
| Hosting Networks (ASNs) where phishing web sites were reported | 2,617 |
| Brands targeted in phishing attacks | 1,254 |
You may copy and use this infographic, with the embedded attribution.