The Online Threat Landscape in Belgium
Cybercrime affecting Belgian consumers has grown steadily in recent years. Scammers increasingly tailor their attacks to Belgian audiences — using Dutch, French, or German language messages, and impersonating well-known Belgian institutions such as bpost, Belfius, ING, the Belgian tax authority, or social security services.
The good news: most online scams rely on the same handful of techniques. Once you know what to look for, you're far less likely to fall victim.
The Most Common Scams Targeting Belgian Residents
Phishing (Email-Based)
Phishing emails impersonate trusted organisations and try to trick you into clicking a link that leads to a fake website, where you're asked to enter login credentials or banking details. Red flags include:
- Urgency ("Your account will be suspended in 24 hours!")
- Requests for passwords, PIN codes, or card numbers
- Sender email address that doesn't match the organisation's real domain
- Links that look plausible but contain subtle misspellings (e.g., "proximus-support.net")
Smishing (SMS-Based)
Smishing is phishing via SMS. A common variant in Belgium is a fake bpost message claiming a package is awaiting customs payment. The link leads to a fraudulent payment page. bpost will never ask for payment via an SMS link.
Vishing (Phone Call-Based)
Scammers call pretending to be bank employees, police officers, or tech support staff. They may claim there's suspicious activity on your account and pressure you to transfer money or share your banking app codes. Legitimate banks in Belgium will never ask for your full PIN, card number, or itsme® codes over the phone.
Fake Webshop Scams
Fraudulent online shops advertise products at unrealistically low prices. After payment (usually by bank transfer), goods never arrive and the site disappears. Always verify a shop's legitimacy before purchasing from unfamiliar websites.
The Five Habits That Protect You
- Never click links in unsolicited emails or SMS messages. If you receive a message claiming to be from your bank or a government service, go directly to their official website by typing the address yourself, or use the official app.
- Use strong, unique passwords for every account. A password manager (such as Bitwarden, 1Password, or similar) makes this manageable without needing to memorise dozens of passwords.
- Enable two-factor authentication (2FA) on all important accounts — email, banking, social media. This means that even if a password is stolen, an attacker can't access your account without the second factor.
- Keep your devices updated. Software updates patch security vulnerabilities. Enable automatic updates on your phone, computer, and router.
- Pause before acting. Scams exploit urgency and fear. If a message creates strong emotional pressure to act immediately, slow down and verify independently.
What to Do If You've Been Scammed
- Contact your bank immediately if any financial details were shared or a transfer was made. Belgian banks have fraud teams available around the clock.
- Report the scam to the Centre for Cybersecurity Belgium (CCB) via safeonweb.be — you can forward suspicious emails directly to verdacht@safeonweb.be.
- File a report with the Belgian police at police.be or at your local police station.
- Change your passwords for any accounts that may have been compromised.
Useful Belgian Resources for Online Safety
| Resource | What It Offers | Website |
|---|---|---|
| Safeonweb.be | Scam alerts, security tips, report suspicious messages | safeonweb.be |
| Card Stop | Block lost or stolen bank cards 24/7 | cardstop.be (0800 40 770) |
| Test-Achats | Consumer advice including digital fraud | test-achats.be |
| Belgian Federal Police | Report cybercrime | police.be |
Staying safe online doesn't require being a technical expert. It requires awareness, a few good habits, and knowing where to turn when something feels wrong.