Wednesday, June 24, 2026

Valyrian News Network

Understanding, Automated

Crime Consumer Rights

Phishing in Belgium: Victim Loses €2,250, Banks Must Pay

Valyrian News Network 4 min read

Phishing in Belgium: Victim Loses €2,250, Banks Must Pay

Belgium is grappling with a severe phishing epidemic as over 40,000 cases are reported daily — a 50% increase year-over-year — and a landmark legal ruling now forces banks to immediately compensate victims. The crisis was brought into sharp focus this week by the story of Ellie Dewinter (45), a single mother of three from Aarschot who lost €2,250 in just five minutes after falling for a fake job vacancy scam on the employment platform Indeed.

A Mother’s Five-Minute Nightmare

Dewinter, who works for the city of Leuven and holds a weekend flexi-job at McDonald’s, applied for what appeared to be a part-time position at UGC cinema via Indeed in March 2026. Shortly after applying, she was contacted on WhatsApp by someone posing as “Femke from UGC.” The scammer asked for a €2.10 payment to cover uniform delivery — a small, seemingly reasonable request designed to lower her guard.

“I wanted to pay €2.10 and now I’ve lost €2,250,” Dewinter told Het Laatste Nieuws. “In five minutes I lost everything I had saved for months.”

When Dewinter attempted the payment, it failed through her banking app. The scammer instructed her to use her laptop’s card reader instead. By the next morning, €2,670 had been drained from her account. Thanks to a weekend processing delay, €420 of the last fraudulent transfer was cancelled, but she was left with a net loss of €2,250. Her bank, Argenta, refused to refund her, claiming she had authorized the transactions.

Police confirmed that Indeed is the most common platform for vacancy fraud in Belgium. Wouter Bruyns of Antwerp police warned that criminals are after more than just money: “If there’s urgency, something is wrong.” Indeed spokesperson Eugenie La Haije stated that fraudulent vacancies violate company policy and urged applicants never to send money to potential employers.

Landmark Ruling Shifts Burden to Banks

Just days before Dewinter’s story broke, a landmark legal decision in Antwerp sent shockwaves through Belgium’s banking sector. An Antwerp summary judge ruled that a bank must immediately compensate an elderly couple — both in their nineties — who lost nearly €50,000 to a scammer posing as a bank employee in Portugal.

The ruling is based on European jurisprudence establishing that banks must always compensate phishing victims first. Only afterward can banks sue to recover money if they can prove gross negligence by the client. This reverses the current practice, where victims are often forced to take their banks to court.

“This is groundbreaking. Banks do everything to avoid paying. Now they must,” Geert Lenssens, a banking lawyer, told RTBF. Audrey Despontin, another banking lawyer specializing in phishing cases, said she will use the decision in “thousands of cases” in the coming months.

A Crisis of Unprecedented Scale

The ruling comes at a time when phishing in Belgium has reached crisis proportions. According to the Centre for Cybersecurity Belgium (CCB), over 40,000 phishing cases are now reported daily — more than 3.6 million in the first quarter of 2026 alone. This represents a 50% increase compared to the 2025 daily average. In 2024, RTBF reported that €49 million was stolen via phishing in Belgium.

Artificial intelligence is accelerating the crisis. Christophe Axen, Deputy Director of the Regional Computer Crime Unit of Liège, explained that AI now enables scammers to create grammatically perfect, culturally appropriate phishing messages. “Before, you could spot phishing by spelling errors. Now AI fixes all that,” he said.

Political Pressure Mounts

Consumer Protection Minister Rob Beenders (Vooruit) has been pressuring banks since March 2026, sending letters demanding transparency on their criteria for refusing reimbursement. “Today, banks too often interpret legislation to their advantage, preventing victims from recovering their money,” Beenders said, as quoted by RTBF. He has threatened legislative action if banks do not change their practices.

However, not all experts are convinced that automatic reimbursement is the right solution. Charles Cuvelliez, a cybersecurity professor at ULB, warned that if banks must pay immediately, clients may stop being careful, and organized crime could exploit the system by pretending to be victims.

What’s Next

The Antwerp ruling creates a powerful precedent, but its long-term impact remains uncertain. Febelfin, the Belgian banking association, argues the ruling applies only to unauthorized transactions, not cases where victims were manipulated into authorizing payments themselves. The European Court of Justice is expected to rule on the broader question of immediate reimbursement, which could either reinforce or override the Antwerp decision.

For Ellie Dewinter, the ruling came too late. Her bank, Argenta, has refused to refund her losses. “I thought banks were legally required to do this,” she said. “I’ve learned a very expensive lesson.”