The weeks in review

17.12.2024 - As a business, you send emails to your customers all the time: project enquiries and processing, order placement, payment and delivery terms – a lot of things happen through this communication channel. It takes little effort for scammers to exploit this, but the damage to the victim can be enormous. A very interesting case of this happening was recently reported to us.

10.12.2024 - Over the past week, the NCSC has received numerous reports of attempted CEO fraud phishing scams. Churches, schools, associations and political parties are particularly affected as they often publish a lot of information on their websites that criminals can use to create credible scams. The scammers' aim is to get victims to make payments or buy gift cards online and send them the codes so that the scammers can redeem them.

03.12.2024 - When the first snow falls and the Christmas holidays are just around the corner, many of us dream of visiting one of Switzerland’s famous holiday destinations. To find the right place to stay, we use a search engine or one of the popular booking sites. But there are scammers out there who want to steal your money and don’t care if they ruin your holiday. In this week’s review, we discuss recent examples of this type of scam.

26.11.2024 - The NCSC has received a growing number of reports of advertisements on social media that offer competitions or low-cost travelcards purportedly from Swiss and Liechtenstein transport companies. What may at first glance appear to be a tempting offer or a chance to win something may turn out to be a subscription or season ticket scam that could end up costing you dearly.

19.11.2024 - Phishing using text messages has increased significantly in recent weeks. A wave of text messages demanding payment of bogus parking fines is now being followed by messages about fake parcel deliveries. Interestingly, these text messages no longer come in the standard form of an SMS, but via RCS, a protocol mainly used on Android devices, or via iMessage, Apple's text messaging service. This allows fraudsters to bypass mobile phone providers’ SMS filters.

12.11.2024 - Over the past week, the NCSC has received an increasing number of reports about websites that are compromised in order to make visitors believe that the browser needs to be updated or a CAPTCHA needs to be solved. The aim is to infect website visitors' devices with malware.

05.11.2024 - A case was reported to us last week that shows how criminals associated with the Black Basta group infect businesses with ransomware. Victims are bombarded with spam emails and then contacted by fake support staff via Microsoft Teams and by phone. Ostensibly, the support staff are there to repair the damage – but in reality, they are scammers trying to gain access to their victims' devices in order to install malware.

29.10.2024 - Over the past few years, we have seen a significant change in the tactics used in credit card phishing scams. With two-factor authentication becoming increasingly common, it is no longer enough for scammers to simply trick their victims into sharing their credit card details. Now they have to trick their victims into going through the entire payment process and authorising the payment at the end. That's why they’re always looking for ways to deceive their victims and make them do things they shouldn’t. A particularly brazen example was reported to the NCSC last week.

22.10.2024 - Domain owners who forget to renew their domains on time, or who give their domains up voluntarily, may be in for a nasty surprise. We are aware of several scams where cybercriminals have taken advantage of domain owners’ lapses in attention.

15.10.2024 - In fake support scams, criminals pretend to be from an IT company – such as Microsoft – in order to convince their victims to give them remote access to their computers. In a new type of fake support scam that has recently been reported to us, the scammers also try get hold of the victims’ login details.

08.10.2024 - There are increasing reports of scams being carried out with the help of artificial intelligence (AI). AI can be used to imitate voices, create deepfake videos or write texts in Swiss German. Last week, we received a report that a fake entry had been made on a review site using AI.

01.10.2024 - The NCSC reported on the use of data leaks in fake sextortion emails a few weeks ago. To make victims believe their computers had been hacked, scammers told them they knew their phone number. The scammers have now adapted their approach and are using home addresses to increase pressure on their victims. Our research shows that scammers also get this information from data leaks.

24.09.2024 - Fraudulent investments, especially those involving cryptocurrencies, are a widespread scam. The NCSC is now seeing a lot of advertising on social media for companies and their websites that claim to be able to recover lost money. Unfortunately, they are just another scam.

17.09.2024 - The NCSC receives many reports of private sector providers offering to help people access government services for a fee. However, these providers usually do very little: their service consists of transferring your data from the form on their website to the official form on the government website. These kinds of scams are common for ordering criminal records extracts or motorway tax stickers. Last week, two cases were reported to the NCSC that have to do with travel to the USA.

10.09.2024 - Fraudsters take advantage of every opportunity to get their hands on your money. Last week, two cases were reported to the NCSC in which motorists were targeted by fraudsters. The schemes involved fake websites for motorway stickers in Austria and parking fines in Switzerland.