Direct answer
Who should use this? National cyber centres, regulators, police units, public-sector coordinators and incident-response teams.
What this solves
PhishNet gives public teams a Belgium/Benelux-first view of fresh phishing, smishing, fake platforms, mule routes, active OSINT, evidence and exports.
Key workflows
Belgian Live Feed, source quality, attacked brands, campaign DNA, kit weakness intelligence, CERT handoff packs and MISP/STIX/API exports.
Why it is different
The platform fuses public sources, authorized active OSINT and evidence workflows into one graph-based operating picture.
How PhishNet uses this
Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.
Selected sources and research
These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.
Common questions
Who should use this?
National cyber centres, regulators, police units, public-sector coordinators and incident-response teams.
What data can be exported?
Confirmed and reviewable indicators, evidence metadata, campaign clusters, kit weakness summaries and source-quality records.