Phishing Activity: Key Statistics
May 1, 2020 through July 31, 2020

We analyzed URLs, domain names, and IP addresses that have been reported for phishing. These and other metadata – e.g., registration data, DNS zone data, attack type, targeted brand - allow us to determine where phishers are acquiring resources for their criminal activities. Indicators of compromise allow us to distinguish hostnames delegated from domains that were purposely registered for phishing campaigns from hostnames assigned to compromised web sites that were delegated from domain names for legitimate purposes.

During the May to July 2020 period, we measured phishing reports, phishing attacks, and the number of unique domain names reported for use in phishing attacks. We also measured famous brands that were targeted by phishers.


Measurement May to
July 2020
Total number of phishing reports (per quarter) 298,012
Phishing attacks reported126,439
Unique domain names reported for phishing 99,203
Top-level Domains (TLDs) where we observed phishing439
Registrars that had domains under management reported for phishing414
Hosting Networks (ASNs) where phishing web sites were reported2169
Brands targeted in phishing attacks 695