Safety

Public redaction policy

Public PhishNet pages are designed to be useful without amplifying harm.

Request demoRead researchOpen dashboard

Direct answer

Are all public examples safe? They are sanitized and selected for explanation rather than operational reuse.

Always redacted publicly

Raw operational IOCs that could facilitate abuse, raw secrets, victim data, private tokens, credentials, exploit-enabling kit details and sensitive active-OSINT artifacts are not published on public pages.

What is shown

Public pages show sanitized examples, source families, aggregate cards, charts, methodology, confirmation-state concepts and citation metadata.

Authenticated boundary

Authorized platform users can access operational IOCs and evidence according to role and policy, except raw secrets, tokens, private keys and victim data.

How PhishNet uses this

Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.

Selected sources and research

These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.

APWG Phishing Activity Trends Reports ENISA Threat Landscape 2025 Why Phishing Works, Dhamija, Tygar and Hearst, CHI 2006 CCB Belgium: phishing messages surge urlscan.io API documentation Microsoft Ad Library API Common Crawl CDX Index

Common questions

Are all public examples safe?

They are sanitized and selected for explanation rather than operational reuse.

Related reading

Static

PhishNet public methodology

How PhishNet turns cached phishing observations into public-safe research, reports and data products.
Static

How to cite PhishNet

Citation guidance for PhishNet public reports, data products and research pages.