News item | 16-12-2025 | 06:00
Every year, 2 in 3 Dutch people receive a fake text message, misleading app or fake email. Supposedly from a friend or acquaintance, an agency or a company where they are a customer. Criminals try to steal data, passwords, login codes or money. According to CBS, 170,000 people fell victim to this tactic last year, also known as ‘phishing’. The Ministry of Justice and Security is therefore introducing the Phish stall today, where everyone can experience how criminals operate and what signals you should pay attention to.
The Phish stall is today with a real fish stall on the Binnenrotte market in Rotterdam, as part of the prevention campaign ‘Don’t let yourself be kidnapped’. Here, market visitors choose from a ‘phish menu’ of fake messages that they can send – directly – to acquaintances. If the recipient responds and clicks on the link in the message, he or she will end up atveiliginternetten.nl. ‘You have been tricked by someone’ is the message there, with tips on how to prevent this in the future. This way, the sender and receiver experience how phishing works.
TV presenter Kees Tol opens the stall and dives into the role of an online criminal. As a Volendam ‘phish farmer’, he sends fake messages to an acquaintance to see how people respond.
I have received a ‘Hi Dad, phone broken’ message several times, complete with payment link
says Kees Tol. For me it is immediately clear that it is fake because I have no children, but I can imagine that as parents you would respond to such an urgent message. That’s why I’m happy to participate in this campaign: so that people are more likely to think that something is wrong when they see a strange message.
From today also online: phishkraam.nl
The Phish stall can also be found online. On www.phishkraam.nl people can choose from 16 different fake messages to send to acquaintances. For example, with the request to quickly transfer money, share passwords or send their bank account, BSN number or other privacy-sensitive data. Anyone who falls for it and clicks on the link will receive an explanation and action perspective, such as “Give yourself 3 seconds… and if in doubt: click away.”
Foort van Oosten, Minister of Justice and Security: “With the Phish stall you experience, on the one hand, how easy it is to quickly send a misleading message and, on the other hand, how tempting it is to respond to it. This safe social experiment shows which psychological tricks criminals use. You put yourself in their shoes, so that you recognize it more quickly in the future and do not fall into the trap. This experience will hopefully ensure that fewer people are misled.”
Don’t let yourself be intercepted: recognize the signals
Recent research showed that more than half of the Dutch people surveyed claim that they are very good at recognizing this type of deception, while 9 out of 10 people do not always recognize online scams in real life.
The Phishkraam campaign is part of the prevention campaign ‘Don’t get scammed’. The purpose of this campaign, set up by the Ministry of Justice and Security and the Ministry of the Interior and Kingdom Relations, is to help people recognize and prevent online deception. By letting people experiment with misleading techniques themselves, the subject becomes concrete and realistic. And hopefully people will become more resilient to phishing.
Especially during the holidays
In the process, people in the phish booth learn which techniques online criminals use. Examples of misleading techniques? Putting people under time pressure, pretending there is an emergency, making messages very personal, pretending to be someone else, offering a great opportunity, responding to emotions or being very friendly. During the busy period around the holidays, people do not always pay full attention and are extra sensitive to this type of deception.