Hot topics

Week 10: Fraudulent emails sent using booking.com platform

12.03.2024 - Most of the phishing-related complaints received by the NCSC relate to emails or text messages designed to look like they originate from Swiss Post, the SBB/SwissPass or banks. In this edition of the week in review, we look at a variation on this theme targeting users of booking.com.

Xplain hack: National Cyber Security Centre publishes data analysis report

07.03.2024 - The National Cyber Security Centre (NCSC) took over responsibility for incident management in the Federal Administration in the wake of the hacker attack on Xplain, a major provider of IT services to national and cantonal authorities. Part of its activities involved analysing the data that the perpetrators published on the darknet. The NCSC released a report today explaining its analysis and providing information on what type of data was affected and the challenges as-sociated with analysing the data. The report does not evaluate the content of the data, nor does it analyse why certain data was leaked. The latter question will be clarified as part of the ongoing administrative investigation.

Week 9: Phishing scammers targeting gamers

05.03.2024 - Phishing attempts are among the most frequently reported cyberincidents at the NCSC. Cybercriminals use social engineering methods that they tailor to their target groups. For instance, players of the popular video game "Counter-Strike 2" are currently being asked to take part in a fake vote.

Week 8: New types of social engineering attacks

27.02.2024 - Classified ad fraud is one of the offences most frequently reported to the police. The fact that new variants continually arise shows that this is a lucrative business for scammers. Three new types of social engineering attacks reported to the NCSC in recent weeks are designed to trick users of the TWINT payment app.

Florian Schütz takes part in the Common Good Cyber Workshop 2024 in Washington D.C.

26.02.2024 - On 26 and 27 February, Switzerland will once again play an active international role in efforts to improve cyber security. Florian Schütz, Director of the National Cyber Security Centre (NCSC), will take part in the Common Good Cyber Workshop 2024 in Washington D.C., organised by the NGO Global Cyber Alliance.

Week 7: Mods and cheats - What you should be aware of in video games

20.02.2024 - Computer games are very popular and, as in real life, not everyone always plays by the rules. The following report explains how searching for ways to cheat a game can end badly.

Week 6: Your email account: a hub for online fraudsters

13.02.2024- The NCSC frequently receives reports of hacked social media accounts or unknown online purchases. In many cases, the scam can be traced back to a hacked email account. Unfortunately, people tend to underestimate the importance of protecting their email accounts.

Week 5: Secure your home network from unauthorised access

06.02.2024 - The NCSC was recently notified of a case where hackers managed to break into a person's home network. After encrypting family photos and other personal data, they issued a ransom note demanding a substantial sum of money.

Week 4: The tricks that phishers use to get clean data

30.01.2024 - Many internet users will now recognise phishing attempts when they see them. The main thing is not to click on the link: just ignore or delete the email or text message. Still, a lot of people are tempted to click on the link anyway and enter a made-up name or a password comprising a random combination of letters, just to give the scammers a hard time. This sort of data, which is totally worthless to scammers, then gets mixed up with real credentials stolen from unsuspecting victims. Before they can use or sell lists of stolen passwords, the scammers have to screen out all the junk data – and that takes a lot of time. So they are always looking for new tricks to keep their password lists as clean as possible.

Anti-Phishing Report 2023

29.01.2024 - Last year, the NCSC received and analysed around 554,000 phishing reports. Of those, 10,007 websites were ultimately identified as phishing websites and the website operators informed. In the Anti-Phishing Report published today, the NCSC provides insight into that analysis and information on the most frequently misused brand names and domains. It also sets out the most important measures and recommendations to protect against phishing.

Information of previous years

Last modification 28.12.2023

Top of page