Ads, search and trust

Malicious ads and search abuse

Attackers do not only send links. They buy, borrow or imitate visibility: search results, sponsored ads, social pages, app listings and fake support routes.

Direct answer

Are ad-library hits confirmed phishing? No. Public ad/search/social traces remain review candidates until they are captured, corroborated or analyst-confirmed.

Why this matters

A victim who searches for help, investment opportunities, parcel updates or account recovery can be routed into fraud before receiving any email or SMS.

Evidence model

Discovery tasks are not findings. PhishNet separates discovery tasks, captured evidence candidates and analyst decisions so ad/search/social traces do not become hard labels without corroboration.
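
An added sketch of the separation described above, not PhishNet's own code: the state names, the transition rules and the `analyst:` actor prefix are assumptions made for illustration, and the sample URLs are constructed.

```python
from dataclasses import dataclass, field
from enum import Enum

class State(Enum):
    CANDIDATE = "candidate"        # discovery hit, nothing captured yet
    CAPTURED = "captured"          # page, screenshot or final URL archived
    CORROBORATED = "corroborated"  # a second independent source agrees
    CONFIRMED = "confirmed"        # analyst decision: phishing
    SUPPRESSED = "suppressed"      # analyst decision: false positive

# Assumed promotion rules: a discovery hit can never jump straight to a hard label.
ALLOWED = {
    State.CANDIDATE: {State.CAPTURED, State.SUPPRESSED},
    State.CAPTURED: {State.CORROBORATED, State.CONFIRMED, State.SUPPRESSED},
    State.CORROBORATED: {State.CONFIRMED, State.SUPPRESSED},
    State.CONFIRMED: {State.SUPPRESSED},   # an analyst may reverse a decision
    State.SUPPRESSED: set(),
}

@dataclass
class Trace:
    final_url: str
    source: str                            # provenance, e.g. "ad-library"
    state: State = State.CANDIDATE
    evidence: list = field(default_factory=list)
    history: list = field(default_factory=list)

    def promote(self, new_state, actor, evidence=None):
        if new_state not in ALLOWED[self.state]:
            raise ValueError(f"{self.state.value} -> {new_state.value} not allowed")
        if new_state is State.CAPTURED and not evidence:
            raise ValueError("capture requires an archived artifact")
        if new_state in (State.CONFIRMED, State.SUPPRESSED) and not actor.startswith("analyst:"):
            raise ValueError("only an analyst decision can confirm or suppress")
        if evidence:
            self.evidence.append(evidence)
        self.history.append((self.state, new_state, actor))  # audit trail
        self.state = new_state

def export_blocklist(traces):
    """Only analyst-confirmed traces reach downstream controls."""
    return sorted({t.final_url for t in traces if t.state is State.CONFIRMED})

# Constructed sample: two ad/search hits on reserved test domains.
SAMPLE = [Trace("https://login.example.test/recover", "ad-library"),
          Trace("https://parcel.example.test/track", "search-ad")]
```

Both sample traces start as candidates, so `export_blocklist(SAMPLE)` is empty until one is captured and then confirmed by an analyst.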

Operational output

Useful output includes archived pages, source provenance, screenshots, final URLs, brands targeted, ad platform context, confirmation state, false-positive suppression and export links.

How PhishNet uses this

Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.

Selected sources and research

These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.

Common questions

Are ad-library hits confirmed phishing?

No. Public ad/search/social traces remain review candidates until they are captured, corroborated or analyst-confirmed.

What can buyers do with this data?

They can prioritize evidence collection, alert brand teams, preserve proof and feed confirmed domains or URLs into existing controls.
