From February to July 2024, an analysis of over 500 popular domains revealed more than 10,000 malicious lookalike domains employing typosquatting and brand impersonation techniques. Google, Microsoft, and Amazon were the most targeted brands, accounting for nearly 75% of phishing domains. Almost half of these domains used free Let's Encrypt TLS certificates to appear legitimate. The .com top-level domain was most prevalent, targeting English speakers. Internet Services, Professional Services, and Online Shopping were the most impersonated sectors. GoDaddy was the most abused domain registrar. Threat actors used these domains for malware distribution, credential theft, scams, and command-and-control communication.