Phishing in the name of FTA
Fraudsters are currently sending phishing emails on behalf of the Federal Tax Administration (FTA). Recipients are informed that a prompt review of the 2025 tax assessment is required and that they should open the attachment. The attachment contains a phishing page. Ignore these emails, do not reply to them and do not open the attachment.
20.10.2025 14:34
Fraudsters are currently sending phishing emails on behalf of the Federal Tax Administration (FTA). Recipients are informed that a prompt review of the 2025 tax assessment is required and that they should open the attachment. The attachment contains a phishing page. Ignore these emails, do not reply to them and do not open the attachment.
20.10.2025 14:34
Phishing in the name of TWINT
Fraudulent emails are currently circulating in the name of TWINT AG. These emails claim that the TWINT account needs to be verified or personal details confirmed in order to prevent it from being blocked. Recipients are asked to click on a link and enter confidential data. Do not click on the link and ignore such emails.
14.10.2025 11:32
Fraudulent emails are currently circulating in the name of TWINT AG. These emails claim that the TWINT account needs to be verified or personal details confirmed in order to prevent it from being blocked. Recipients are asked to click on a link and enter confidential data. Do not click on the link and ignore such emails.
14.10.2025 11:32
Phishing in the name of FOITT
Currently, scammers are sending phishing emails with the subject «Neue Nachricht zur Verfuegung» in the name of the Federal Office of Information Technology, Systems and Telecommunication (FOITT). Recipients are informed that a new message is available and are referred to an attachment. Do not open the attachment and delete this email immediately.
03.10.2025 13:50
Currently, scammers are sending phishing emails with the subject «Neue Nachricht zur Verfuegung» in the name of the Federal Office of Information Technology, Systems and Telecommunication (FOITT). Recipients are informed that a new message is available and are referred to an attachment. Do not open the attachment and delete this email immediately.
03.10.2025 13:50
Fake murder threats via email
Emails containing a supposed death threat are currently circulating. In the email, the hitman ‘ADAM X’ offers not to carry out the murder if a ransom is paid. Ignore such threats; they are a hoax. The sender's aim is to intimidate the recipient and persuade them to make an ill-considered payment.
19.09.2025 16:05
Emails containing a supposed death threat are currently circulating. In the email, the hitman ‘ADAM X’ offers not to carry out the murder if a ransom is paid. Ignore such threats; they are a hoax. The sender's aim is to intimidate the recipient and persuade them to make an ill-considered payment.
19.09.2025 16:05
Beware of malware
NCSC is currently receiving numerous reports of emails purporting to be from a debt collection agency. These emails contain alleged claims or reminders. Do not click on the link, as this is an attempt to distribute malware to Windows users.
12.08.2025 11:10
NCSC is currently receiving numerous reports of emails purporting to be from a debt collection agency. These emails contain alleged claims or reminders. Do not click on the link, as this is an attempt to distribute malware to Windows users.
12.08.2025 11:10
Fake parking ticket SMS messages
Phishing text messages for allegedly unpaid parking fines are circulating. The text reads: "Parking ticket service - A fine of XX CHF is outstanding. To avoid a surcharge, please view your message before XX.XX.XXX: [link to phishing website]". Do not click on the link, delete the SMS and report it to the NCSC.
18.07.2025 16:38
Phishing text messages for allegedly unpaid parking fines are circulating. The text reads: "Parking ticket service - A fine of XX CHF is outstanding. To avoid a surcharge, please view your message before XX.XX.XXX: [link to phishing website]". Do not click on the link, delete the SMS and report it to the NCSC.
18.07.2025 16:38
Malicious adverts lead to phishing sites
Malicious advertisements on well-known search engines are designed to lure users to phishing websites. Fraudsters use deceptively genuine-looking fake e-banking portals to try to obtain access data. If you notice any suspicious behavior in your e-banking (display of a timer or hourglass) or suspicious payments, contact your bank immediately.
03.07.2025 13:31
Malicious advertisements on well-known search engines are designed to lure users to phishing websites. Fraudsters use deceptively genuine-looking fake e-banking portals to try to obtain access data. If you notice any suspicious behavior in your e-banking (display of a timer or hourglass) or suspicious payments, contact your bank immediately.
03.07.2025 13:31
Alleged email from SBB distributes malware
The NCSC is currently receiving reports of alleged emails from SBB claiming that a suspicious ticket purchase has been detected. To change or cancel the purchase, you are asked to provide personal data and your bank details. You are then asked to install an apk file (installation package for Android apps). The apk file contains malware. Do not click on the link and delete the message.
08.05.2025 15:23
The NCSC is currently receiving reports of alleged emails from SBB claiming that a suspicious ticket purchase has been detected. To change or cancel the purchase, you are asked to provide personal data and your bank details. You are then asked to install an apk file (installation package for Android apps). The apk file contains malware. Do not click on the link and delete the message.
08.05.2025 15:23
Phishing in the name of FTA
Currently, fraudsters are sending phishing e-mails in the name of the Federal Tax Administration FTA. The recipients are informed that they have overpaid in their 2023 tax return. Please ignore these e-mails, do not reply to them, do not click on the link, do not scan the QR code and do not enter any personal data on the phishing page.
27.01.2025 14:40
Currently, fraudsters are sending phishing e-mails in the name of the Federal Tax Administration FTA. The recipients are informed that they have overpaid in their 2023 tax return. Please ignore these e-mails, do not reply to them, do not click on the link, do not scan the QR code and do not enter any personal data on the phishing page.
27.01.2025 14:40
Fraudulent text messages in the name of Binance
Currently, the NCSC is receiving numerous reports of text messages that appear to originate from the crypto trading platform Binance and also use the Binance phone number as sender. The messages contain links to fake websites and a Swiss phone number to call. This is a scam. Do not click on the links and do not call the number.
16.01.2025 09:07
Currently, the NCSC is receiving numerous reports of text messages that appear to originate from the crypto trading platform Binance and also use the Binance phone number as sender. The messages contain links to fake websites and a Swiss phone number to call. This is a scam. Do not click on the links and do not call the number.
16.01.2025 09:07
