Phishing Rises to New High of Nearly 2 Million Attacks over 12 Months According to New Interisle Report

Interisle Study Reveals Record Growth in Phishing and Criminal Use of Internet Services for Attacks, Urges Adoption of Measures to Curb Criminal Abuse

BOSTON, MA, UNITED STATES, September 9, 2025 /EINPresswire.com/ -- Interisle Consulting Group, a technology consulting and research firm, today released its fifth annual phishing report: Phishing Landscape 2025: A Study of the Scope and Distribution of Phishing, revealing an escalation in phishing attacks and the persistent abuse of Internet resources enabling them. Analyzing nearly four million reports of phishing between May 2024 to April 2025 and five years of historic data, the study underscores a global cybercrime crisis, with reported phishing reaching nearly two million attacks, an increase of over 180% since 2021.

The report highlights the ease with which criminals exploit permissive industry policies and business practices to acquire domain names, subdomains, and hosting for malicious purposes.

Despite the alarming increase in attacks, measures to block criminals' access to these resources remain largely unimplemented. Dave Piscitello, Interisle partner and co-author of the report, noted that “this sustains an environment where phishers can operate devastating, widespread attacks with minimal risk, low costs, and high rewards.”

Key report findings include:

• Phishing Attacks Rise: Phishing attacks rose to 1.96 million a year, a 182% increase since 2021.

• Domain Name Abuse Surges to New High: The total number of domain names used in phishing attacks rose 38% to over 1.5 million—the highest ever recorded.

• Cybercriminal Domain Purchasing Soars: 77% of all domain names used in phishing attacks were maliciously registered by cybercriminals, a 36% increase in such registrations year-over-year.

• Bulk Registration Enables More Attacks: 37% of all phishing domains were acquired through bulk domain name registration services, a commercial offering allowing users to register high volumes of names at one time.

• U.S. Companies Host the Most Phishing Sites: Over half of all phishing sites were hosted by U.S.-based companies. The U.S. has been the top hosting location for phishing for five consecutive years.

• Unpaid Toll Scam Fueled by a Handful of Chinese Providers: The Unpaid Toll Scam, a widespread phishing scheme, aims to defraud drivers through fake billing notices that impersonate U.S. state tollway authorities.

“That cybercriminals are fueling profitable and growing operations on the back of plentiful opportunities for abuse is a significant cause for concern,” said Karen Rose, Interisle partner and report co-author. “Effective measures are urgently needed across the domain name, subdomain, and hosting ecosystems to limit criminal access to these critical resources and improve threat mitigation.”

Based on the research findings, the report outlines a series of recommendations aimed at limiting criminal abuse while ensuring consumers can access the services they need. They include:

• Verify Customer Information: Use address verification tools and screen for bogus and inaccurate registration data at the time of registration or sign-up.

• Requirements for High-Volume Services: Require vetting to access high-volume registration or account creation services and rate limit to deter mass abuse.

• Proactive Monitoring and Mitigation: Implement systems to monitor for suspicious registration activity before services are activated and identify and suspend all related accounts and registrations when phishers are discovered.

• Stronger Policies and Actions: Industry policies and business practices should focus on raising operating standards and measurably reducing the exploitation of resources that enable phishing attacks.

The U.S. Federal Bureau of Investigations estimates that cybercrime inflicted more than $16.6 billion in direct financial losses on U.S. consumers and businesses in 2024 and more than $50.5 billion in direct losses over the last five years. According to the U.S. Cybersecurity and Infrastructure Security Agency, more than 90% of successful cyberattacks begin with a phishing attack, making it one of the most pervasive, effective, and costly forms of cybercrime. The report notes that the surge in phishing threatens to increase the harm inflicted on individuals, businesses, and the economy at large.

The full 2025 Phishing Landscape Report is available for download on Interisle’s website at https://interisle.net/PhishingLandscape2025. For media inquiries, contact media@interisle.net.

Interisle Consulting Group is a technology consulting and research firm that leverages world-class expertise to solve strategic, technical, and policy challenges. Through rigorous discovery, analysis, and collaboration, Interisle develops insights and solutions that strengthen our clients, partners, and the digital ecosystem.

David Piscitello
Interisle Consulting Group
+1 843-295-9329
email us here

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.