The weeks in review

09.07.2024 - The NCSC has recently received several reports of attempted scams targeting artists and art organisations. One of the scams involves purported donations from a charitable foundation, while the other involves a fake overseas purchase.

02.07.2024 - Phishers pretending to be from the Federal Tax Administration, menacing emails claiming to be from the Federal Office of Justice and Police and the NCSC, and a barrage of emails last week containing malware hiding behind a fake 'AGOV' government login: scammers and attackers use the names of authorities to put pressure on or gain the trust of the public.

25.06.2024 - The European Football Championship is in full swing and the Olympic Games in Paris are just around the corner. But it's not just the fans who look forward to such major events: scammers also see an opportunity to benefit from these events and defraud fans. Last week, the NCSC received a number of reports from people who paid for tickets they never received. Particularly at major events such as the Olympic Games and international football tournaments, it is important to be cautious when buying tickets and to observe basic cybersecurity rules.

18.06.2024 - A few months ago, a popular influencer contacted the National Cyber Security Centre (NCSC) because his Facebook account had been hacked. Social media presence and follower engagement is central to his profession. After Facebook closed the account that had been hacked, he set up a new account – but the story wasn't over yet.

11.06.2024 - Over the past few days, the NCSC has again received a number of reports of fake sextortion emails. Some of the emails appear to have been sent by the recipient themselves, or contain their actual password. How is this possible – and how should you respond if this happens to you?

04.06.2024 - Phishing websites have long been one of the cyber incidents most frequently reported to the National Cyber Security Centre (NCSC). In order to protect as many potential victims as possible, the NCSC tries to ensure these websites are deactivated as quickly as possible. Meanwhile, the fraudsters do everything they can to prevent this, as shown by an example reported to the NCSC last week.

28.05.2024 - A fake domain name registration company sent an email to the owner of a .ch domain. The email claimed that the fake company had received an application to register the same domain name but with a different ending. Most of the time, these emails come from fake registration companies in Asia. However, in this case, the scammer behind the fake company is German-speaking, has a website and is falsely claiming to have years of experience.

21.05.2024 - Microsoft, the manufacturer of the widely used Windows operating system and the well-known Office environment, releases patches (updates) for its products once a month. Other software manufacturers may have a different cycle, but what they all have in common is that these updates should be taken seriously. On the one hand, patches help to improve the functionality or performance of software, but above all they boost product security and thus protect users from potential attacks.

14.05.2024 - Access to many applications on the internet is now protected by two-factor authentication. Smartphones are playing an increasingly important role as a second security factor when logging into online applications. Cybercriminals therefore try to gain access to these devices in order to obtain the login data. A case reported to the NCSC last week shows that entering a password in a phishing attack on an apparently non-critical internet service may nonetheless have serious consequences. It may also undermine the two-factor authentication process.

07.05.2024 - Crowdfunding platforms have revolutionised the way in which creative projects and innovations can generate financial support. However, even these crowdfunding platforms are not immune to fraudulent practices. Fraud attempts can hinder crowdfunding campaigns or diminish the trust of potential donors. It is therefore important that campaign organisers and donors are aware of the risks, remain vigilant and protect themselves against fraud attempts.

30.04.2024 - Classified ad site for buying and selling items have been popular for a number of years – and this makes them interesting to scammers. In fact, classified ad fraud is one of the most commonly reported offences.

23.04.2024 - The NCSC frequently receives reports from victims where the scam emails seem plausible because they happen to match a current situation. In such cases, it is particularly difficult to spot scam emails, as shown by three examples that have been reported to the BACS in recent weeks. However, by following a few basic rules, it is still possible to spot such emails.

16.04.2024 - The NCSC has been monitoring the phenomenon of fake calls from alleged police authorities for nine months now. In the last three weeks, reports reaching the NCSC about this phenomenon have almost tripled and account for the highest number of reports received since the contact point was founded. However, the high number of incoming reports is not all bad.mittlerweile das Phänomen der gefälschten Anrufe von angeblichen Polizeibehörden. In den letzten drei Wochen haben sich die Meldungen zu diesem Phänomen beim BACS nahezu verdreifacht und sind verantwortlich für den höchsten Meldeeingang seit Gründung der Anlaufstelle. Der hohe Meldeeingang ist jedoch nicht nur negativ einzustufen.

09.04.2024 - The finance department receives a supposedly urgent payment request from the boss. The boss explains that if the person in accounts does not make the payment as quickly as possible, there will be serious consequences for the company as it risks losing an important order. The request usually cannot be queried as the boss is then not available. That is generally the scenario in cases of CEO fraud. Most of these attacks are not very sophisticated and easy to spot. However, artificial intelligence and deepfakes do not stop at this rather simple fraud method, as a recent example reported to the NCSC shows.

02.04.2024 - Federal Councillors are highly respected, widely trusted and enjoy a good reputation in Switzerland. Scammers take advantage of this: to lend credibility to their threatening emails, they make them look like they were sent by a member of the Federal Council. The scammers threaten their victims with criminal charges, usually for illegal pornography, unless they pay a certain amount of money.