Belgium’s Centre for Cybersecurity, the CCB has already received more than 8,100,000 suspicious emails this year. The emails are forwarded to the CCB by worried members of the public. The figure is over 2,000,000 higher than last year. According to the CCB, that remarkably high figure is due to a combination of things: criminals becoming increasingly active and the greater awareness of the CCB’s address: verdacht@safeonweb.be.
Since January, more than 8,100,000 phishing emails have been forwarded to Safeonweb, a government agency. In the whole of 2022, the number was just over 6,000,000. Today, the number continues to rise. In total, the emails contained some 800,000 different links to malicious websites. It’s a striking that figure remains very high. “On the one hand it shows people trust us, but on the other hand, it also means that the number of suspicious messages remains very high,” explains CCB director Miguel De Bruycker.
What does Safeonweb do with these emails?
If you receive a suspicious e-mail, you can immediately forward it to verdacht@safeonweb.be. “Verdacht” is the Dutch word for ‘suspicious’. As quickly as possible, the Safeonweb team then tries to find out whether criminals are actually involved. “Thanks to those emails, early in the morning, we get a good idea of the campaigns criminals will be working on that day. In this way, we can start warning companies like Microsoft and Google, providing precise information, and enabling them to intervene immediately and improve their security programmes,” says De Bruycker.
The information that can be gathered in this way is worth its weight in gold. “Without the information from all the e-mails people send us internet users would be much less well protected. It’s information those big companies wouldn’t get otherwise. By the way we always anonymise the data. ”
Malicious websites are also filtered and reported to internet service providers. Safeonweb also works closely with the police and the judiciary to help detect and stop criminals.
Is eradicating phishing realistic or naive?
A while ago, the director of the CCB predicted that phishing would be a thing of the past by the end of 2023, but nothing could be further from the truth. “I was wrong about that. Indeed, it has not yet been achieved. As a government agency, it is always a challenge to implement systems and recruit people. It always happens more slowly than you would wish, but we are well on our way. With a little delay, we will still move to the next level of protection in coming months.”
Eliminating phishing altogether is a little too optimistic, De Bruycker admits. “On the other hand, we do manage to filter out many thousands of text messages every day. The same applies to spam e-mails: what people get sent now is just the tip of the iceberg.”
