The weeks in review

05.12.2023 - Over the past few days, the NCSC has received reports about websites selling motorway tax stickers for more than CHF 40. What at first sight appears to be a fake website is actually using a technique that is already familiar to the NCSC from other contexts. Companies focus mainly on electronic services that can be directly obtained from the relevant government sites. These are then sold on for a fee.

28.11.2023 - Cybercriminals are trying new ways to trick hotels and their guests. In the emails currently being sent to hotels, they claim to have been bitten by bedbugs or that they were filmed in the hotel room and are now being blackmailed, among other things. The aim is to trick hotel employees into installing malware.

21.11.2023 - A number of phishing cases were also reported to the NCSC last week. Fraudsters continue to target customers of parcel, telephony and transport service providers very frequently. This weekly review presents two less common phishing scams.

14.11.2023 - The NCSC is once again observing a rise in reports on the following phenomenon: one of your contacts gets in touch via WhatsApp and asks you for help with an urgent problem. All you have to do is forward a code. At first glance, everything seems fine, but unfortunately the forwarding causes your WhatsApp account to be blocked. How does that happen, and what can you do to prevent it?

07.11.2023 - The NCSC has recently been receiving regular reports of telephone calls from supposed bank employees claiming to work in the security division. The callers maintain that they want to stop a fraudulent payment. The telephone number displayed corresponds to the bank's official number. This is faked/spoofed by the fraudsters to appear credible.

31.10.2023 - Threatening calls claiming to be from the authorities have been one of the phenomena most frequently reported to the NCSC since July 2023, and the surge in reports received by the NCSC is attributable primarily to them. As the calls are made during office hours, it can be assumed that the fraudsters are organised like a company.

24.10.2023 - After a short respite, the NCSC has again received several reports of malicious emails in the last two weeks that use old emails to trick the recipients into believing that they had already been in contact with each other. Since both the email sender and the old message seem familiar to the victim, the likelihood increases that the victim will click on the link and malware, in this case DarkGate, will be installed on the device. DarkGate is a downloader with advanced functions and also a door opener for ransomware.

17.10.2023 - Autumn is also trade fair season. In order to optimise trade fair planning for visitors, many organisers provide information about exhibitors and their products online. Such information is helpful for visitors, but it can also be misused by fraudsters, as illustrated by an example reported to the NCSC.

10.10.2023 - Last week, a special case of social engineering was reported to the NCSC: in the video game community, a gamer was tricked into downloading a game that eventually turned out to be malware.

03.10.2023 - The big waves of fake sextortion have been easing off for a few months now, which seems to indicate that the phenomenon is no longer so lucrative for the scammers. The approach has been repeatedly adapted in the past in order to nevertheless find victims willing to pay among those who received the emails. With the latest version, it is no longer possible to rule out the possibility that malware has actually infected the computer. The attackers present a recent screenshot of the victim's computer as proof.

26.09.2023 - A key element for every company is customer relations. The customer is king, so they say. As a result, companies are keen to fulfil their customers' every wish. This approach is regularly exploited by hackers. A particularly sophisticated case was reported to the NCSC last week. Every company should therefore consider what company data it publishes on its website, as this can be used for fraud, but also for phishing.

19.09.2023 - In recent months, cybercriminals have come up with a variety of fake support scams that are aimed at installing a remote access tool on the victim's computer and then making credit card payments or e-banking transactions.

12.09.2023 - For the past two years, threatening emails purporting to come from the police or other authorities have been among the most reported cases at the NCSC. After using similar content for a long time, the attackers are now using a new variant to try and unsettle the recipients with allegations of tax evasion.

05.09.2023 - Fake job offers have already been reported on in previous NCSC weekly reviews. New variants have emerged in recent weeks. In contrast to previous approaches, payments do not have to be made before starting work, but only once the victim has started work.

29.08.2023 - Fraudsters use various methods to optimise their spam lists. Last week, the NCSC discovered scam emails that exploit the read receipt function. In these cases, if the recipients confirm that they have opened and read the email, they receive further scam emails that increase the pressure and urge them to pay.