22.06.2021 - The NCSC again received a moderate number of reports last week. Numerous reports of text messages advertising a COVID-19 test subscription are examples of what to watch out for when it comes to advertising. A link to a supposed voice message, circulated via text message, leads to the Flubot malware. The page is only displayed if it is accessed from an Android smartphone.
Rules also exist for advertising
"Register for free for Switzerland's official COVID-19 test subscription and get 5 self-tests delivered to your home". This text message, which was sent with the sender name "Admin-CH", was reported to the NCSC several times last week. The link provided referred to a website where a subscription for the free COVID-19 tests could be taken out. Clarifications by the NCSC revealed that the site actually belonged to a Swiss pharmacy and that the same pharmacy had sent the text messages. After the NCSC intervened, the sender "Admin-CH" was removed, but the promotional text messages continued to be sent.
At this point, it should be mentioned that a number of things must be observed when sending out marketing material and that the law against unfair competition must be complied with. Advertising may only be sent to individuals who have previously agreed to receive such emails or text messages. If a customer relationship already exists, electronic advertising is permitted as long as an unsubscribe option is offered. In this case, the text messages were not only sent to people who were not customers, but there was also no possibility to unsubscribe.
Federal Act on Unfair Competition (UCA) (available in French, German, Italian): https://www.fedlex.admin.ch/eli/cc/1988/223_223_223/de
In particular, unfair conduct is committed by anyone who, in accordance with Article 3 paragraph o of the UCA: "sends mass advertising by telecommunications who does not have a direct link to requested content, or arranges for such messages to be sent, and in doing so omits to obtain the customers' consent in advance, to indicate the correct sender or to indicate a straightforward and free-of-charge possibility of refusal; anyone who, in the sale of goods, works or services, receives contact information from customers and in doing so indicates the possibility of refusal, does not act unfairly if he or she sends these customers mass advertising for his or her own similar goods, works or services without their consent."
Malware instead of voicemail
You have received "new voicemail". At the moment, the NCSC is receiving numerous reports of text messages with a link to a supposed voicemail message. Anyone who clicks on the link in the text message is taken to a fake website, where the victim is prompted to download the message. In reality, however, it is a malicious APK (Android Package Kit) file. The page is personalised and displays the victim's mobile phone number to convey a certain level of trustworthiness to the victim.
Interestingly, the page is only displayed if it is accessed from an Android smartphone. If the page is called up from a computer, the user is directed to "normal" software from Deutsche Telekom in Google Play Store. This is to make security authorities and providers believe that everything is fine so that they do not deactivate or block the page.
Never install a program from a website that you clicked on via a link in an email or text message.
Only install necessary programs and apps, and only ever download them from the manufacturer's website or an official app store.
Current statistics
Last week's reports by category
Reports per week during the last 12 months
Last modification 22.06.2021
