NEW WEBINAR: Watch Netcraft's latest deep dive into P2P messaging scams like never before. Watch now  

Platform Overview > Transparency & Reporting
Two business colleagues working together in the office review information on a computer.

Transparency & Reporting

Track active incidents, monitor monthly performance, and rely on Netcraft to communicate cybercrime evidence effectively

A woman sits at a desk nook facing a window. She is looking at something not visible on her laptop screen.

In the know, at all times 

Throughout the lifecycle of a cyber attack, transparency is key. Using Netcraft’s cybercrime detection and takedown platform, you can easily monitor every aspect of the cyber attacks impersonating your brands, from initial detection through disruption and takedown.

Track incidents using Netcraft’s web portals, API, email notifications, or RSS feed. The availability of every attack is monitored and charted, and clients are notified of new attacks via email, SMS, or API.

Defeating cyber attacks with unmatched scale and effectiveness

Netcraft’s online brand protection operates 24/7 to discover phishing, fraud, scams, and cyber attacks through extensive automation, AI, machine learning, and human insight. Our disruption & takedown service ensures that malicious content is blocked and removed quickly and efficiently—typically within hours.

Blocked Attacks Icon


of the world’s phishing attacks taken down

Website Host Icon


threat reports and suspicious URLs analyzed every day

Content Sites icon


cybercrime attacks blocked to date

Global Phishing Icon


attacks taken down and growing

Seamless integration

Our web platform and flexible APIs integrate with other external threat intelligence and enterprise SIEM platforms, making it simple to track and share critical incident data and events.

You can explore each incident, while letting Netcraft’s detection and disruption process take care of itself. The service’s overall performance is tracked by customizable dashboards, analytics, and charts. You can filter to display individual attack details, including information about the attack’s infrastructure, and the actions taken by companies contacted during the takedown process.

A screenshot of the chart builder interface

Evidence is key

Netcraft’s successful relationships with internet infrastructure providers rely on our ability to demonstrate why the cyber attacks we report should be taken down. We present evidence collected through our external threat intelligence platform to explain the malicious behavior clearly and concisely.

This demonstration of independent evidence allows providers to action reports more quickly, particularly in cases where an attacker has used anti-detection techniques that may slow down the provider’s own investigation.

Frequently Asked Questions

Without documented evidence of malicious activity, hosting providers and other infrastructure providers are unable to confirm content is malicious and against their own terms of service. Without which, they are unable to take down content. We gather and present evidence of the cyber attack to clearly demonstrate the fraudulent use to those with the ability to remove the attack.

Netcraft customers can track the progress of attack takedowns using our portals, email, API, or RSS feed. You’ll get a notification when the state of an attack changes.

The portals provide detailed statistics to allow you to view trends and provide detail on attack numbers, attack types, availability and further analysis by hosting companies.

Yes. Netcraft provides an HTTP API which allows integration with your internal applications. In addition, we have integrations for Splunk and Azure Sentinel allowing convenient integration of the takedown system with those platforms.

Netcraft’s evidence-based approach is a key component of why we remain a trusted partner to infrastructure providers. They learn to rely on our reports as source of truth.

Netcraft customers may have an unlimited number of staff user accounts, which can be set at different permission levels. External integration with single sign-on (SSO) is available as standard, including support for Okta, Microsoft Azure, Google workspace as well as via SAML 2.0.



Sophisticated AI-generated Gitbook lures phishing the crypto industry

For the past year, Netcraft researchers have been tracking a threat actor using generative AI to assist in the creation … Read More

Learn More


Two clicks from empty – IPFS-powered crypto drainer scams leveraging look-alike CDNs

More than $40k lost to crypto drainer scams leveraging IPFS and malicious code hidden behind look-alike CDN imitations. At Netcraft, … Read More

Learn More

Schedule time with us

Learn more about Netcraft’s powerful brand protection, external threat intelligence and digital risk protection platform