www.belgium.be Logo of the federal government

The COVID-19 pandemic seems to be the perfect opportunity for cybercriminals to take action. Several cyber security partners report attacks on Belgian companies. It is difficult to estimate the number of victims because the records do not reflect reality. On the one hand, people do not like to admit that they have been victims and on the other hand, companies fear that their image will be damaged.

How do cybercriminals operate?

The fraudsters meticulously recreate the login pages of popular platforms such as Microsoft Office 365, PayPal and other online services. They then send their victims a phishing message containing a link or attachment, prompting them to log in with a reason such as "Your mailbox is going to be blocked. Check your account". The unsuspecting user enters his or her login details on the fake website and unknowingly gives them away to the criminals.


In this type of attack, cybercriminals can again infect other users and companies by exploiting the victim's contacts. In this way, many companies can become victims in no time.


Phédra Clouner, Deputy Director CCB

Phishing can have very serious consequences. The best defense is to be on your guard and know what to look for. For example, be very careful with messages that make an urgent appeal or emails that contain spelling mistakes. For more tips, take a look at our website

Bart Asnot, Security expert at Microsoft BeLux.

How can you protect yourself from hacking of your login credentials?

  • Be careful if you receive a message from a platform asking you to enter your password. 

  • Check the sender's email address and the URL of the link you have to click.   If they look unusual, it is probably a phishing scam. 

  • What can you do better? Open your browser and enter the correct URL yourself, e.g. https://www.office.com/  https://www.paypal.com/

How do you know if you are a victim of the attack?

  • E-mails are sent on your behalf from your mailbox, but you have not initiated this action.

  • A few weeks later, you may receive more phishing messages than usual because your data may have been distributed on the Internet and reused by cyber criminals.

What to do if you are a victim?

  • Change your password immediately (on each account where you use it);
  • Notify your contacts; 
  • Enable two-factor authentication (Set up Microsoft 365 sign-in for multi-factor authentication- Office Support); 
  • Cybercriminals may have activated an automatic response . Remove it;
  • There may be a setting that redirects your emails to an internal archive folder or external email address. Remove this setting;
  • Check the information available through this mailbox. Some sensitive or confidential information may be compromised.  It is best to be aware of this.

If you receive a phishing message, please send it immediately to [email protected]. We will block the links so that less attentive internet users cannot become victims.