Direct answer
Why include mule routes? Mule routes reveal how phishing becomes financial harm after the landing page.
What this solves
PhishNet links attacked brands, domains, URLs, phone routes, IBANs, wallets, fake finance pages and evidence into one fraud route graph.
Key workflows
Confirmed domains/URLs, fake investment watch, mule route graph, ad/search review, customer-support spoofing and export-ready daily deltas.
Operational value
Fraud teams can feed existing controls while analysts inspect provenance, confidence, liveness and evidence.
How PhishNet uses this
Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.
Selected sources and research
These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.
Common questions
Why include mule routes?
Mule routes reveal how phishing becomes financial harm after the landing page.
Can banks export data?
Yes. PhishNet supports CSV, JSONL, STIX, MISP, PDF summaries and evidence bundles.