Current Incidents

Phishing in the name of SBB
We are currently seeing a number of phishing variants using the SBB and Swisspass names. For example, the message refers to a ticket refund or pretends that the Swisspass account is restricted. Never divulge personal data such as passwords or credit card details on a website that you have accessed by clicking on a link in an email or text message.
16.03.2023 14:00
Fake websites imitate Courier Service Swissconnect
The NCSC is currently receiving numerous reports from sellers on classified ad platforms. In order to organize the transport, they are contacted by alleged parcel and courier services after the sale. The names of well-known companies are misused, such as Post, DPD and DHL. Currently, the scammers create fake websites in the name of the transport company Swissconnect. Ignore such e-mails.
01.02.2023 10:50
Malware targeting hotels
The NCSC is currently receiving reports from hotels that supposed guests are trying to get hotel employees to open a link in an email and thereby download and execute malware. This allows the attackers to gain access to various hotel accounts and carry out further fraud attempts.
31.01.2023 13:40
Warning: Fraudulent emails
Fraudulent emails posing as the police are currently circulating. The senders impersonate various police authorities as well as individuals. Please do not reply to these emails! Report them to the NCSC.
27.01.2023 13:40
Fake blackmail messages sent to web administrators.
In recent weeks, the NCSC has received reports of blackmail messages sent to web administrators. These are fake extortion messages that are similar in style to the well-known fake sextortion emails with empty threats and repeatedly used cryptocurrency addresses.
25.01.2023 14:30
Phishing email concerning alleged tax refund
The NCSC is currently receiving reports of phishing emails that offer the prospect of an alleged entitlement to a tax refund. The sender is fraudulently indicated as ''eIAM – eGovernment''. The link leads to a phishing page. Ignore these emails, do not click on the link and do not enter any personal data on the phishing page.
09.12.2022 13:30
Phishing text messages aimed at Revolut customers
The NCSC is currently receiving reports about phishing text messages targeting customers of Revolut. Citing apparent regulatory requirements, the message requests that customers perform an ID verification. To do so, they are supposed to call up a website. Ignore these text messages. Do not enter any passwords on websites that you have reached by clicking on a link.
24.10.2022 16:00
Fake emails in the name of the NCSC
Cybercriminals are currently sending out fake emails in the name of the NCSC. For this purpose, the threat actors are using the domain ncscS .ch (additional S). Do not reply to such emails!
05.07.2022 17:50
Supposed SBB competition
The NCSC is currently receiving numerous reports of a supposed competition run by SBB to celebrate its 120th anniversary and with the possibility of winning CHF 2,000. After answering a few questions, you have to register and a subscription for CHF 14.50 per week is thereby taken out. Ignore this WhatsApp message and do not forward it to your contacts.
10.06.2022 11:20
Spate of call centre phone calls with fake numbers
Call centres are currently making calls using fake numbers that are actually assigned to private individuals. The number owners are now receiving callbacks from other private individuals, who were notified of missed calls. There can be dozens of such calls. Unfortunately, little can be done about this. Based on experience, the waves subside again after a short time.
03.06.2022 09:00
https://www.ncsc.admin.ch/content/ncsc/en/home/aktuell/aktuelle-vorfaelle.html