Direct answer
What is phishing? Phishing is a fraud or cyberattack technique that impersonates trust to push victims toward credentials, payments, malware, or attacker-controlled communication routes.
Phishing is an attack chain, not a single link
A phishing case usually combines naming, distribution, infrastructure, social engineering, capture, monetization and evasion. A domain alone rarely explains the risk. The useful intelligence is the connection between the lure, target brand, source, evidence, redirects, hosting, kit markers, payment routes and analyst confidence.
Why raw feeds are not enough
Most public feeds answer only whether something has appeared somewhere before. Operators need to know whether it is fresh, still present in feeds, technically live, corroborated, evidence-ready, false-positive suppressed, and relevant to a country, sector or brand.
What PhishNet adds
PhishNet treats phishing as a graph of observations. It separates signals into three states (confirmed, corroborated-suspicious and review-candidate), then links them to evidence, source quality, brands, campaigns, kits and exports.
How PhishNet uses this
Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.
Selected sources and research
These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.
Common questions
Is phishing only email?
No. Modern phishing appears in email, SMS, search ads, social platforms, fake apps, QR codes, support scams, malicious domains and reverse-proxy login pages.
Why does liveness matter?
A feed-current indicator is one that a source still reports. A verified-live indicator is one where DNS or HTTP checks show the infrastructure is reachable within a defined TTL.
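
The distinction between feed-current and verified live can be kept as two separate fields per observation. The sketch below is an added example, not PhishNet's code: the 6-hour TTL, the field names, the state labels and the sample indicators are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed TTL: the page says only "a defined TTL" and gives no value.
LIVENESS_TTL = timedelta(hours=6)

@dataclass(frozen=True)
class Observation:
    indicator: str
    feed_current: bool              # a source still reports the indicator
    checked_at: Optional[datetime]  # time of the latest DNS/HTTP probe, if any
    dns_resolved: bool = False
    http_responded: bool = False

def liveness(obs: Observation, now: datetime, ttl: timedelta = LIVENESS_TTL) -> str:
    """Classify probe evidence separately from feed presence."""
    if obs.checked_at is None:
        return "unverified"
    age = now - obs.checked_at
    # A probe older than the TTL, or timestamped in the future (clock skew),
    # says nothing reliable about the current state.
    if age < timedelta(0) or age > ttl:
        return "unverified"
    reachable = obs.dns_resolved or obs.http_responded
    return "verified_live" if reachable else "verified_down"

def triage(observations, now):
    """Map each indicator to its (feed_current, liveness) pair."""
    return {o.indicator: (o.feed_current, liveness(o, now)) for o in observations}

# Constructed sample data (reserved .test names, fixed clock) so the run is offline.
NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
SAMPLE = [
    Observation("login-bank.example.test", True, NOW - timedelta(hours=1), True, True),
    Observation("parcel-fee.example.test", True, NOW - timedelta(days=3), True, True),
    Observation("tax-refund.example.test", True, NOW - timedelta(minutes=20)),
    Observation("id-verify.example.test", False, NOW - timedelta(hours=2), True, False),
    Observation("new-report.example.test", True, None),
]

if __name__ == "__main__":
    for indicator, (in_feed, state) in triage(SAMPLE, NOW).items():
        print(f"{indicator:26} feed_current={in_feed!s:5} liveness={state}")
```

An indicator can be feed-current without being verified live (stale or missing probe), and verified live after every feed has dropped it, which is why the two fields are not merged into one flag.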