Other information and services of the government: www.belgium.be Centre for Cybersecurity Belgium

NIS2, Are you in scope?

Belgium's new cybersecurity law entered into force.

Learn more

Are your accounts well protected?

Use Multi-Factor Authentication whenever possible.

Learn more
Slide 1 of
Image
Phishing

Strengthened collaboration with the Federal Judicial Police to combat phishing

Reading time :
1min
Phishing
BAPS
LinkedIn Facebook X

The Belgian Anti-Phishing Shield (BAPS) stands as a key component of Belgium's response against phishing attacks. Recent CCB figures confirm this threat continues to grow. BAPS derives its effectiveness from three pillars: automation, public participation, and the trusted partners model, which expands sources of reliable intelligence on malicious domains and accelerates the blocking process (see below).

This model is unique in Europe and prevented almost 200 million clicks to malicious sites in 2025, protecting numerous potential victims by redirecting users to a warning page.

The integration of PhishNemo into BAPS

The Federal Judicial Police's inclusion among BAPS trusted partners was enabled primarily through the PhishNemo project. Originally developed by the Federal Judicial Police of Limburg, PhishNemo operates as a proactive detection system designed to identify suspicious domain names at an early stage, even before phishing emails achieve wide distribution.

The benefits of this collaboration

  • The partnership delivers a proactive approach where PhishNemo's detection capabilities now feed directly into BAPS, enabling fraudulent domains to be blocked at the DNS level before they inflict widespread damage (almost 16 000 redirections in 2025).
  • The system maintains a proportionate approach, designed to avoid interfering with legitimate internet traffic by limiting interventions to domains that have been thoroughly analysed and validated.
  • A key element is the public-private partnership with Secutec, a Belgian cybersecurity firm with advanced expertise in DNS monitoring and analysis. This collaboration enables the identification of suspicious patterns and malicious domain infrastructures, further strengthening the shield against phishing and protecting Belgian internet users.

How the Belgian Anti-Phishing Shield (BAPS) works

The Belgian Anti-Phishing Shield protects Belgian internet users by blocking access to fraudulent websites at the Domain Name System (DNS) level. When a user clicks on a suspicious link, their internet service provider checks the domain against a threat list managed by the CCB and automatically redirects them to a warning page if identified as malicious. The system complements the BePhish reporting channel (suspicious@safeonweb.be) and is enhanced by the Trusted Partner program, which allows selected organisations (financial institutions, regulatory authorities, identity providers and police services) to directly submit malicious domains to BAPS via secure interfaces and procedures.

This distributed yet coordinated approach significantly reduces the time between detection and blocking, often cutting it from several days or weeks to just a few hours, strengthening Belgium's capacity to respond rapidly to emerging phishing campaigns.

Register your organisation

Register your organisation to access additional free CCB services and protect it from cyber threats.

Register my organisation