Other information and services of the government: www.belgium.be   Logo van de Belgische federale overheid

Already 4.4 million phishing messages in Safeonweb mailbox this year

Last 6 months, we received almost 4.4 million messages in the mailbox of suspicious@safeonweb.be, which is almost 2 million more than the first 6 months of 2022. This proves at least 2 things:

  • phishing is not yet on the way back,
  • AND people are increasingly forwarding these fake messages to Safeonweb.

With this information, we were able to have more than 320,000 suspicious links blocked. Less attentive internet users who did click on such a link in a message were redirected to a warning page and thus not scammed. Thanks to all these messages, we are able to publish weekly alerts on our website and social media. In this way, we notify potential victims as soon as possible, and constantly update people on the latest phishing messages.

We notice that phishing messages we receive look increasingly credible. The messages are made to look very much like real messages. As a result, it has simply become very difficult to distinguish between genuine and fake messages. We see existing messages or newsletters being almost completely copied or counterfeited, after which one or more fake links are added to the message.  The aim is to inspire your trust and get you to click through to a fake web page.

Never get caught again!

The main way to make sure a post is correct is to properly analyse the links in that post. You do that by hovering over the link or button without clicking. The address of the website the link points to or the URL will then appear. In the examples below, you can see that that address does not refer to Engie or e-box.

Together with the Cyber Security Coalition, we therefore launched Surfing Without Worry, a series of simple and accessible online courses on cybersecurity.   In the first part Watch where you're going!, you will learn to recognise the links in fake messages arriving in our e-mail boxes and on our mobile phones.

Go to Surfing without worries: https://surfwithoutworries.safeonweb.be/en/cookies

e-Box
volledige breedte
engie
volledige breedte
What suspicious reports circulated between January and June?

In particular, we saw many 'classics'. Annual notices from governments or energy suppliers about premiums, taxes, pensions, holiday pay, etc. are a big inspiration for scammers. They pretend to be the Government Finance Department, the Federal Pension Service, the Flemish Government, Engie, etc....

The messages sometimes appear to come via My e-Box, Doccle or My Burgerprofiel (Vlaanderen.be) but they are fake. Such messages pop up with regularity.

What also causes a lot of annoyance are the recurrent fake messages that seem to come from parcel services. This involves allegedly paying extra fees, missing data or asking to download an application. A similar scenario seems to come from banks. You are asked to confirm your details, request a new card reader or maintain access to your bank account. Again, the intention is simply to collect data from you and misuse it.

An important tip to avoid scams: do not click on a link in a message

Go yourself (via the browser and therefore not via a link in a message) to the organisation's login page to check the information. So for the examples above, go to e.g. your login page of bpost or another parcel delivery company, your energy supplier, e-Box or Doccle. If you want to check information about your bank account, go through your homebanking website or your banking app.

More than just phishing

In phishing, the aim is always to capture the victim's data in one way or another. Sometimes this data is used immediately, e.g. to plunder your bank account, but in other cases your data is kept and sold on to other cybercriminals who in turn use it to scam you in one way or another.

For example, there are several known scenarios where the victim is persuaded to make a transfer himself. The scammer tries to gain your trust or just scare you, with the sole intention that you will transfer money yourself.  Examples include relative fraud, investment fraud, WhatsApp fraud and sextortion scam.  

Now follow Safeonweb on Instagram too!
volledige breedte
volledige breedte