31.12.2024 - In our final weekly review of the year, we take a look back on the around 63,000 reports of cyber incidents we received over the past twelve months. Once again, scams involving threatening phone calls purporting to be from the police stood out: this type of scam accounted for more than a third of all reports this year. This and other types of scams are featured in this week’s review. Cybercriminals are working across all channels, calling people on the phone, sending emails, text messages and letters, and even pasting fake QR codes over real ones. We would like to thank all of you for the valuable information and reports you have provided to help us better assess the situation in cyberspace and provide early warning to potential victims.
The number of reports has increased again in 2024 and is about 13,000 higher than last year. However, almost all of these additional reports fall into the ‘threatening calls supposedly from authorities’ category. While 7,193 such calls were reported in 2023, there were almost 22,000 this year – almost three times as many. If we exclude this type of fraud, the total number of reports we have received is at a similar level to last year.
The ratio between reports from the population (90%) and from companies, associations and authorities (10%) remains stable. Among the most common types of fraud reported by companies, there has been a sharp increase in CEO fraud (2023: 487 / 2024: 716). There was also a slight increase in reports of DDoS attacks (2023: 41 / 2024: 48), while reports of billing manipulation fraud remained unchanged (2023: 118/ 2024: 114). The number of reported ransomware incidents has actually decreased slightly, from 109 incidents reported last year to 92 incidents reported this year. However, the number of cases does not indicate the extent of the damage. The focus of attackers is increasingly on lucrative targets, so the damage per incident is likely to be higher in the future. It should also be noted that ransomware attacks are now almost always coupled with a data breach, further increasing the magnitude of the damage.
Phishing across all channels: email, SMS – and now even letters and QR codes on parking meters
As was the case last year, we received more reports of phishing emails through our online form this year: an increase of over 2,500 to more than 12,000 in 2024. The vast majority of phishing scams are still carried out via email. As was the case in 2023, we are still seeing a large number of fake parcel post notifications and phishing scams in the name of Swisspass. In particular, parcel phishing scams are increasingly carried out via SMS. There has also been a noticeable increase in scam messages being sent via RCS messaging (e.g. iMessage) rather than SMS. Since 2022, Swisscom, Salt and Sunrise have been using SMS filters – to bypass these filters, scammers are shifting to RCS and iMessage. The cat-and-mouse game between scammers and security service providers is evident here, as in many other areas of cybercrime.
While sending emails and text messages is often a high-volume business and attackers assume that only a small proportion of their attacks will be successful, this year we have also seen more targeted attacks. Examples include calls from supposed bank employees pretending to stop a fraudulent payment or, more recently, fake QR code stickers on parking meters. These QR codes lead to well-designed phishing sites that are almost indistinguishable from the real thing. This type of scam exploits the fact that many people are in a hurry when parking their cars and are therefore less careful. Unlike traditional phishing scams, the scammer must be physically present to install the QR stickers.
QR codes also used to spread malware
A case in the second half of the year shows that QR codes are also being used to spread malware. In this scam, people were sent letters that appeared to be from MeteoSchweiz. The letters contained a QR code to download a new weather app – which was actually malware. In this case, the attackers were trying to combine analogue and digital communication channels. In the age of phishing and malware, many people are increasingly suspicious of emails that ask them to click on a link. A letter with an official logo looks much more trustworthy. In the past, the problem with letters was that the targets of the scam had to painstakingly copy any links they contained by hand. Today, QR codes solve this problem. It’s no wonder that scammers and hackers are increasingly using this method – the cost of postage is probably the only barrier to mass mailing. We expect to see a further increase in this type of fraud next year.
Sharp increase in fraudulent competitions
This year we have seen a sharp increase in the number of fraudulent competitions. In 2023 there were 1,025 reports. This year the number has almost tripled to over 3,400. In many cases, household names in the food, retail, electronics and transport industries are being misused. The scams always follow the same pattern: a fake competition is presented where some very simple questions must be answered. In order to receive the purported prize, you are required to provide personal information such as your credit card details, name, email address and mobile phone number. Tucked away in the fine print of the terms and conditions, or even outside the visible area of the website, it says that by continuing you are agreeing to a multi-year subscription. The fee is charged to your credit card immediately.
The National Cyber Security Centre would like to thank you for your trust and support. We wish you a fraud and virus free New Year, and a happy and healthy start to 2025!
Current statistics
Last week's reports by category:
Last modification 31.12.2024
