Direct answer
What is Germany phishing intelligence? It is phishing intelligence prioritized by relevance to Germany: brands, language, victims, sources, phone/payment routes, official warnings and campaign reuse.
Problem
Country teams need to see attacks that target their citizens and brands even when domains, hosting, ads or kits are outside Germany.
PhishNet unique data
PhishNet combines open feeds, regulator warnings, CT/domain evidence, URL evidence, public dashboard snapshots, source quality and graph relationships to explain why a signal matters for Germany.
Public-safe proof module
Cached public modules can show country pressure, source families, confirmation split and redacted examples. German-market campaigns create useful contrast for TLD, hosting, brand and kit reuse patterns.
Integration path
Operational exports can be scoped by country, brand, source family, confidence state, liveness and evidence readiness for MISP/STIX/API workflows.
Conversion path
CTA: request a country sample feed, public-sector briefing, or research dataset for this market.
How PhishNet uses this
Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.
Selected sources and research
These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.
Common questions
What is Germany phishing intelligence?
It is phishing intelligence prioritized by relevance to Germany: brands, language, victims, sources, phone/payment routes, official warnings and campaign reuse.
Does country relevance depend on the TLD?
No. A `.top`, `.xyz` or other non-local domain can still be country-relevant when it targets local brands, language or institutions.