Interisle, a research company specializing in Internet security and cybercrime, has recently published its Phishing Landscape 2025 report. This annual analysis explores the prevalence of phishing across the web by reviewing four million phishing reports dated from May 2024 to April 2025, highlighting the most commonly used top-level domains (TLDs) for such fraudulent activities.
The report identified five top TLDs frequently associated with phishing attacks, which are:
- .xin
- .bond
- .help
- .win
- .cfd
Notably, the .xin domain has been predominantly exploited for unpaid toll scams, with almost all phishing domains being registered through Dominet, a company affiliated with Alibaba. The report assigned a significantly high phishing score to .xin, registering 10,810 incidents, in stark contrast to .bond, which recorded a score of 1,759. For reference, the .com TLD had a phishing score of merely 30.
The report establishes a clear link between domain pricing and phishing activity, illustrating that cheaper domains tend to be more frequently abused. Although last year indicated a rise in the use of free subdomains for phishing exploits, this year’s data shows a notable reduction in that area, primarily due to Google’s enhanced measures against such abuses on platforms like blogspot.com. However, there has been an increase in the misuse of subdomains from services such as webflow.io and vercel.app.
In terms of registrars, Interisle pointed out NiceNic, Aceville, Dominet, Webnic, and OwnRegistrar as the top five providers linked to the highest incidences of phishing registrations. Additionally, ICANN has highlighted potential variances in DNS abuse rankings depending on the source of blocklists, with Interisle referencing data from organizations like the Anti-Phishing Working Group (APWG), OpenPhish, PhishTank, and Spamhaus for this year’s findings.
Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.