04.01.2022 - In the last weekly review of 2021, the NCSC looks back at the 21,000 reports received over the last 12 months. We would like to take this opportunity to thank you for all your reports. They help us to better assess the situation in cyberspace and warn potential new victims more effectively.
28.12.2021 - Last week, the NCSC again received a significant number of reports. Some of the most frequent reports to the NCSC this year concerned bogus parcel notifications. Malware was likewise distributed using this method last week. For the first time, the NCSC also received a report about a scam on a carpooling portal.
21.12.2021 - Last week, the NCSC again received a significant number of reports. The number of dodgy online shops is on the rise in the run-up to Christmas. In addition, emails that use old email exchanges known to the recipient are once again being sent, with the aim of spreading malware.
17.12.2021 - A new way of exploiting the Log4j security vulnerability allows attackers to execute arbitrary code remotely (remote code execution, or RCE). The security vulnerability is already being actively exploited by cybercriminals. The NCSC urgently recommends applying the security patches as soon as possible.
14.12.2021 - The NCSC once again received a higher number of reports in the second week of December. One case of advance payment fraud reported to the NCSC is a perfect example of the lengths fraudsters go to in order to achieve their goal with a person who appears willing to pay. Fake extortion is another frequently reported scam at present. In some cases, fedpol is indicated as the sender.
13.12.2021 - At the end of last week, a zero-day vulnerability in the popular Java library Log4j was disclosed. The security vulnerability is classified as critical, as the library is used in a great many Java applications. Moreover, the security vulnerability allows an attacker to execute arbitrary code remotely (remote code execution, or RCE). It is already being actively exploited by cybercriminals to infect vulnerable systems with malware. The NCSC recommends applying the security patches as quickly as possible.
09.12.2021 - The National Cybersecurity Centre (NCSC) website, together with the Swiss Security Network (SSN), now also offers dedicated information for authorities.
07.12.2021 - The number of reports received by the NCSC increased once again last week. Christmas is a time of abundant fraud attempts. Two of the cases reported this week were aimed at extracting additional money from victims as part of an ongoing investment fraud.
30.11.2021 - Today, on Computer Security Day, the NCSC looks back on another week that saw an increase in the number of reports received. The familiar fake support scam is now being perpetrated in cases of investment fraud. The well-known phishing attempts made in the name of Swiss Post are also appearing in a new guise. The scammers pretend to be a chatbot from the postal service.
29.11.2021 - In recent days, several countries have reported the return of Emotet. Now, such spam emails from .ch senders have also been observed. Emotet is often hidden in Microsoft Office files and requires macros to install the malware on the IT system, e.g. a computer. These attacks can affect private users, as well as companies, authorities and critical infrastructures. The NCSC recommends being extremely cautious, especially in the case of emails with attached files.
