Phishing campaigns targeting Dutch taxpayers are growing more sophisticated, combining classic tactics with modern third-party services to steal sensitive data. This research analyses phishing pages impersonating the Belastingdienst, revealing common patterns and infrastructure choices. Beyond traditional form-based methods, attackers are shifting toward interactive, service-driven models, with a strong focus on cryptocurrency theft as a high-value target.

Internet “blackouts” during conflict are not full shutdowns but structural transformations. Using data from Modat Magnify, analysis shows three patterns: Iran restricts access, Israel expands deceptive infrastructure, and Gulf states stabilise while redistributing systems. The internet is reshaped as a strategic tool, not simply turned off.

A cryptomining campaign recently uncovered by Modat, working alongside Recorded Future, demonstrates a high level of modular efficiency that poses a direct threat to organizational infrastructure.