Stronger through sharing: PhishFort and Spamhaus working together

At PhishFort, we’ve always believed that cybersecurity is more than an industry—it’s a community. A global network of people and organizations aligned around a shared mission: to make the internet safer for everyone. In a digital environment defined by evolving threats, we’ve learned one thing above all: sharing is the most powerful tool we have.

That’s why we’re proud to collaborate with Spamhaus by sharing verified threat data from our phishing detection systems. This includes our real-time blocklist of malicious domains, used to identify phishing websites, impersonation scams, and other forms of brand abuse across the web. The blocklist is updated constantly with the findings made by the PhishFort team and reaches billions of monthly active users.

Why We Share

Sharing threat intelligence is not just strategic—it’s essential. The attacks we see every day at PhishFort target individuals, brands, and platforms in dozens of countries. They evolve rapidly, adapt quickly, and spread globally. No single company can stop them alone.

For cybersecurity providers, trust is built on results and collaboration. By making our data available to trusted organizations like Spamhaus, we help others act faster, reduce exposure windows, and protect users far beyond our immediate clients. Our work with Spamhaus is one step in a broader strategy to support shared defense across the internet. By pooling insights and distributing reliable threat data, we enable better protection for everyone.

Why Spamhaus

PhishFort’s mission is to reduce the harm caused by phishing and brand impersonation, particularly in the fast-moving world of Web3. Spamhaus has been a trusted authority in internet threat intelligence for over two decades, maintaining a rigorous approach to data quality and operational neutrality. This aligns closely with PhishFort’s standards for accuracy, speed, and transparency.

Our collaboration with Spamhaus enables our blocklist data to reach billions of users via internet infrastructure providers, browsers, and antivirus vendors. By joining forces, we extend the reach of our protection and contribute to the global fight against fraud, phishing, and abuse across the internet.

What We Share

PhishFort provides Spamhaus with domain intelligence from our continuously updated blocklist of phishing and impersonation domains. The blocklist contains information about malicious incidents on websites (such as fraudulent or brand-abusing domains) that have been identified and validated through:

• AI-powered detection, which flags suspicious domain patterns.
• Thorough human review, ensuring accurate and reliable threat data.
• Specialized threat monitoring, including crypto-focused domains (e.g., wallets, DeFi platforms, and token projects).

Each incident contains key details like classification (phishing, brand abuse), timestamps, and tags that feed into Spamhaus’s threat infrastructure. This combined intelligence helps secure billions of users against a broad spectrum of online attacks.

Building Tools for the Web3 Community

As part of our commitment to sharing and community defense, PhishFort also maintains Nighthawk—a free browser extension for Chrome, Brave, and Firefox. Nighthawk provides real-time phishing protection for crypto users, warning them before they visit suspicious domains.

It’s part of our belief that security should be accessible, especially in fast-growing spaces like Web3, where new users are often the most vulnerable.

Looking Ahead

Cybersecurity threats aren’t going away—but neither is the community of defenders. At PhishFort, we’re excited to work with Spamhaus and others in the ecosystem who share our values. Through open collaboration and shared resources, our community-driven approach helps mitigate risks and protect a global user base.

To the many researchers, responders, engineers, and analysts who make this work possible: thank you. Let’s keep sharing.