Netcraft Blog

Featured

Threat Intelligence

Bluekit Phishing-as-a-Service: Browser-in-the-Middle, Evolved

June 25, 2026 | Netcraft analyzes Bluekit, a Browser-in-the-Middle phishing kit that streams legitimate login pages to victims using rrweb. Learn how it works, why it differs from Evilginx, and the detection opportunities for defenders.

read post

All Blogs

Filter by Topics

All

Threat Intelligence

Asset & Brand Protection

Web Server Survey

Security Lexicon

Netcraft Signal

Netcraft Updates

Threat Intelligence

Bluekit Phishing-as-a-Service: Browser-in-the-Middle, Evolved

Harry Everett

Security Lexicon

10 Real Examples of Phishing Websites (and How to Spot Them)

Explore 10 real phishing website examples identified by Netcraft researchers. Learn how attackers impersonate trusted brands and the warning signs that may reveal a phishing site.

Emily L. Phelps

Asset & Brand Protection

Why Detection Alone Isn’t Enough in Brand Protection

Why brand protection fails after detection. Learn why alerts don’t reduce harm and how validation and takedowns limit brand risk.

Emily L. Phelps

Netcraft Signal

Country Consumer Scam Reporting Tells a Story

Scam loss reports from Singapore, Australia, and the U.S. reveal a clear divide: countries pairing fraud statistics with active controls are better equipped to disrupt scams.

Ken Palla

Web Server Survey

June 2026 Web Server Survey

In the June 2026 survey we received responses from 1,489,396,284 sites across 304,146,307 domains and 14,653,771 web-facing computers. This reflects a change of 21.1 million sites, 2.0 million domains, and 81,854 web-facing computers. Cloudflare experienced the largest gain of 4.1 million sites (+1.73%) this month, and now accounts fo...

Netcraft Editorial Team

Asset & Brand Protection

Social Media Impersonation: How Phishing Evolved as Email Defenses Improved

June 4, 2026 | Social media impersonation is reshaping phishing. Learn why attackers are shifting beyond email and how security teams can improve phishing detection.

Emily L. Phelps

Threat Intelligence

Caught on Scam-era: The Rise of Camera-First Phishing

June 2, 2026 | A newly observed phishing campaign impersonates payment verification to harvest selfies, videos, location data, and device information. Learn how camera-first phishing turns browser permissions into a powerful collection channel.

Ivan Khamenka

Web Server Survey

May 2026 Web Server Survey

In the May 2026 survey we received responses from 1,468,295,818 sites across 302,162,421 domains and 14,571,917 web-facing computers. This reflects a change of 34.6 million sites, 3.0 million domains, and 373,769 web-facing computers. Cloudflare experienced the largest gain of 10.6 million sites (+4.66%) this month, and now accounts f...

Netcraft Editorial Team

Asset & Brand Protection

The Domain Problem DMARC Can’t See: Detecting Lookalike Infrastructure at Scale

May 28, 2026 | DMARC protects your domain but not against lookalike phishing domains. Learn how to detect typosquatting domains and malicious infrastructure at scale.

Emily L. Phelps

Threat Intelligence

EvilTokens and OAuth Abuse

May 27, 2026 | Netcraft uncovers how EvilTokens enables large-scale OAuth device code phishing campaigns, abuses Microsoft authentication flows, and powers emerging attacks like GhostPairing.

Ginny Spicer

All Blogs

Filter by Topics

All

Threat Intelligence

Asset & Brand Protection

Web Server Survey

Security Lexicon

Netcraft Signal

Netcraft Updates

Threat Intelligence

Bluekit Phishing-as-a-Service: Browser-in-the-Middle, Evolved

Harry Everett

Security Lexicon

10 Real Examples of Phishing Websites (and How to Spot Them)

Explore 10 real phishing website examples identified by Netcraft researchers. Learn how attackers impersonate trusted brands and the warning signs that may reveal a phishing site.

Emily L. Phelps

Asset & Brand Protection

Why Detection Alone Isn’t Enough in Brand Protection

Why brand protection fails after detection. Learn why alerts don’t reduce harm and how validation and takedowns limit brand risk.

Emily L. Phelps

Netcraft Signal

Country Consumer Scam Reporting Tells a Story

Scam loss reports from Singapore, Australia, and the U.S. reveal a clear divide: countries pairing fraud statistics with active controls are better equipped to disrupt scams.

Ken Palla

Web Server Survey

June 2026 Web Server Survey

Netcraft Editorial Team

Asset & Brand Protection

Social Media Impersonation: How Phishing Evolved as Email Defenses Improved

June 4, 2026 | Social media impersonation is reshaping phishing. Learn why attackers are shifting beyond email and how security teams can improve phishing detection.

Emily L. Phelps

Threat Intelligence

Caught on Scam-era: The Rise of Camera-First Phishing

Ivan Khamenka

Web Server Survey

May 2026 Web Server Survey

Netcraft Editorial Team

Asset & Brand Protection

The Domain Problem DMARC Can’t See: Detecting Lookalike Infrastructure at Scale

May 28, 2026 | DMARC protects your domain but not against lookalike phishing domains. Learn how to detect typosquatting domains and malicious infrastructure at scale.

Emily L. Phelps

Threat Intelligence

EvilTokens and OAuth Abuse

May 27, 2026 | Netcraft uncovers how EvilTokens enables large-scale OAuth device code phishing campaigns, abuses Microsoft authentication flows, and powers emerging attacks like GhostPairing.

Ginny Spicer

All Blogs

Filter by Topics

All

Threat Intelligence

Asset & Brand Protection

Web Server Survey

Security Lexicon

Netcraft Signal

Netcraft Updates

Threat Intelligence

Bluekit Phishing-as-a-Service: Browser-in-the-Middle, Evolved

Harry Everett

Security Lexicon

10 Real Examples of Phishing Websites (and How to Spot Them)

Explore 10 real phishing website examples identified by Netcraft researchers. Learn how attackers impersonate trusted brands and the warning signs that may reveal a phishing site.

Emily L. Phelps

Asset & Brand Protection

Why Detection Alone Isn’t Enough in Brand Protection

Why brand protection fails after detection. Learn why alerts don’t reduce harm and how validation and takedowns limit brand risk.

Emily L. Phelps

Netcraft Signal

Country Consumer Scam Reporting Tells a Story

Scam loss reports from Singapore, Australia, and the U.S. reveal a clear divide: countries pairing fraud statistics with active controls are better equipped to disrupt scams.

Ken Palla

Web Server Survey

June 2026 Web Server Survey

Netcraft Editorial Team

Asset & Brand Protection

Social Media Impersonation: How Phishing Evolved as Email Defenses Improved

June 4, 2026 | Social media impersonation is reshaping phishing. Learn why attackers are shifting beyond email and how security teams can improve phishing detection.

Emily L. Phelps

Threat Intelligence

Caught on Scam-era: The Rise of Camera-First Phishing

Ivan Khamenka

Web Server Survey

May 2026 Web Server Survey

Netcraft Editorial Team

Asset & Brand Protection

The Domain Problem DMARC Can’t See: Detecting Lookalike Infrastructure at Scale

May 28, 2026 | DMARC protects your domain but not against lookalike phishing domains. Learn how to detect typosquatting domains and malicious infrastructure at scale.

Emily L. Phelps

Threat Intelligence

EvilTokens and OAuth Abuse

May 27, 2026 | Netcraft uncovers how EvilTokens enables large-scale OAuth device code phishing campaigns, abuses Microsoft authentication flows, and powers emerging attacks like GhostPairing.

Ginny Spicer

All Blogs

Filter by Topics

All

Threat Intelligence

Asset & Brand Protection

Web Server Survey

Security Lexicon

Netcraft Signal

Netcraft Updates

Threat Intelligence

Bluekit Phishing-as-a-Service: Browser-in-the-Middle, Evolved

Harry Everett

Security Lexicon

10 Real Examples of Phishing Websites (and How to Spot Them)

Explore 10 real phishing website examples identified by Netcraft researchers. Learn how attackers impersonate trusted brands and the warning signs that may reveal a phishing site.

Emily L. Phelps

Asset & Brand Protection

Why Detection Alone Isn’t Enough in Brand Protection

Why brand protection fails after detection. Learn why alerts don’t reduce harm and how validation and takedowns limit brand risk.

Emily L. Phelps

Netcraft Signal

Country Consumer Scam Reporting Tells a Story

Scam loss reports from Singapore, Australia, and the U.S. reveal a clear divide: countries pairing fraud statistics with active controls are better equipped to disrupt scams.

Ken Palla

Web Server Survey

June 2026 Web Server Survey

Netcraft Editorial Team

Asset & Brand Protection

Social Media Impersonation: How Phishing Evolved as Email Defenses Improved

June 4, 2026 | Social media impersonation is reshaping phishing. Learn why attackers are shifting beyond email and how security teams can improve phishing detection.

Emily L. Phelps

Threat Intelligence

Caught on Scam-era: The Rise of Camera-First Phishing

Ivan Khamenka

Web Server Survey

May 2026 Web Server Survey

Netcraft Editorial Team

Asset & Brand Protection

The Domain Problem DMARC Can’t See: Detecting Lookalike Infrastructure at Scale

May 28, 2026 | DMARC protects your domain but not against lookalike phishing domains. Learn how to detect typosquatting domains and malicious infrastructure at scale.

Emily L. Phelps

Threat Intelligence

EvilTokens and OAuth Abuse

May 27, 2026 | Netcraft uncovers how EvilTokens enables large-scale OAuth device code phishing campaigns, abuses Microsoft authentication flows, and powers emerging attacks like GhostPairing.

Ginny Spicer