The weeks in review

Week 22: Smishing gives way to vishing

06.06.2023 - An interesting combination of a phishing text message and subsequent voice phishing was reported to the NCSC last week. After entering his credit card details on a website opened via a phishing text message, effective security measures enabled the victim to stop his payment to the phishers. When the phishers noticed this, they called the victim and offered telephone support.

Week 21: Hacked Linux servers as a money mules

30.05.2023 - When we hear about systems being hacked, few of us would think that the cybercriminals were interested in the system's resources rather than the data stored in it. It is well known that cybercriminals often take systems over and use them to carry out computing operations for crypto-mining purposes. A case reported to the NCSC revealed another method which cybercriminals are using to try and make money with hacked systems.

Week 20: Oops! – Phishing email addressed to the wrong person

23.05.2023 - Phishers are constantly trying new ways to trick victims into providing their access details. In doing so, they also do not shy away from telling the victim that intimate pictures have supposedly been published. However, things do not always go according to plan, as a second example reported to the NCSC last week demonstrates.

Week 19: SIM swapping – how a SIM card can be stolen online

16.05.2023 - Access to many applications and digital services is now protected with two-factor authentication. Smartphones are playing an increasingly important role in this. They are not only used to run applications and services, they are also often used to generate the second factor, be it through a one-time password generator or by receiving a text message. Therefore, cybercriminals are also increasingly trying to gain access to these devices in order to obtain all the required factors. In a recent report to the NCSC, the attackers used a technique called SIM swapping to do this.

Week 18: A wolf in sheep's clothing or an incident involving a malicious software update

09.05.2023 - Software updates are an integral part of computer security. However, cybercriminals also exploit this to install malware, as shown by an example reported to the NCSC last week. To convince victims to click on the link, the attackers also used information taken from leaked data.

Week 17: Advertisement using a deepfake video for a giveaway scam

02.05.2023 - Was Elon Musk really giving away cryptocurrency, as a report last week to the NCSC indicated? No, he wasn't. In this case, fraudsters used a deepfake video and the launch of the Starship space vehicle to make their story seem credible. In the video in question, Elon Musk promised to double every cryptocurrency payment made to him and return it to the sender.

Week 16: Bug or feature – secure use of apps and social media

25.04.2022 - Every additional app poses a potential security risk. So any apps that you are no longer using should be deleted. The fewer apps you have, the easier it is to keep track of them, resulting in a lower security risk. Permission is requested when an app is used for the first time, and sometimes for updates. Many apps access personal data. An unusual example reported to the NCSC shows that these permissions can also be exploited and abused.

Week 15: NFT fraudsters target digital art

18.04.2023 - For some time now, cases of fraud involving NFT art have also been reported to the NCSC. Last week, the NCSC received two identical reports of artists being approached by a supposed art enthusiast. This person probably would have gone on to steal their digital art file. Anyone interested in NFTs ought to be able to recognise the most common scams.

Week 14: Phishing in Swiss German and an invoice from Schweizerische Rettungsfahrtwacht (imitation of Swiss Air-Rescue)

11.04.2023 - Fraudsters, phishers and enterprising schemers repeatedly refer to Switzerland to try to gain the trust of their victims and lure them into acting rashly. In a case reported to the NCSC last week, Swiss German was even used to trick the victim into providing their credit card details. In another case, the trusted name of Swiss Air-Rescue (Schweizerische Rettungsflugwacht) was misappropriated in order to prevent the victim from reading the small print.

Week 13: More than just an empty website – the business model that exploits abandoned domains

04.04.2023 - There may be more to an empty website than meets the eye, as shown by a case reported to the NCSC last week. Some Java script on an empty website redirected the visitor to a dubious website, but only if the original website had been accessed via a search engine or social media pages. Cybercriminals systematically take over abandoned domains, especially those with a trustworthy reputation and thus a good search engine ranking, and try to deliberately redirect visitors to dubious advertising websites in order to then make money using various tricks.

Week 12: Easy money, or how hackers and fraudsters launder money

28.03.2023 - Using fake identities or hacked accounts to get at money is merely the first step for cybercriminals. The methods used to cover their tracks afterwards in order to evade the investigators are just as sophisticated as the fraud itself. The repayment of a fraudulently obtain sum of money to the victim's account shines a spotlight on the shadowy world of money laundering. The NCSC is using this an opportunity to report about the recruitment of money mules.

Week 11: Fraud attempts with social media data

21.03.2023 - In CEO fraud attempts, attackers gather data from public sources in advance. They usually use company websites that list their employees and their functions. However, data on social media platforms can also be used for such fraud attempts, as shown by a case reported to the NCSC last week that targeted a company's HR department.

Week 10: Two years of the weekly review and how to dispose of a computer correctly

14.03.2023 - Two years ago, the first NCSC weekly review was published. It was the start of a weekly series in which we report on the latest cyberincidents. Each week, we provide various tips on how to protect yourself and what to do in case of an incident. Including today's, more than 100weekly reviews have been published. The NCSC would like to thank all its readers for their interest. The current review shows what risks arise when disposing of or passing on computers, smartphones and USB sticks. The number of reports received by the NCSC fell sharply last week as the wave of fake extortion is now easing.

Week 9: Threatening emails supposedly sent by the NCSC and real-time phishing

07.03.2023 - The number of reports received by the NCSC increased again in the ninth week of 2023, with 871 reports, the highest number received this year and the fourth highest in its history. Threatening emails purportedly from authorities accusing the recipient of a criminal offence accounted for the largest share. Now, the NCSC is often being given as the sender of these scam emails. Reports of phishing have also increased in the last three months. This week, a case of real-time phishing was discovered, which seeks to exploit second-factor authentication.

Week 8: Text messages supposedly from the Federal Council and other new phishing methods

28.02.2023 - The number of reports received by the NCSC rose again in the eighth week of 2023. Phishing messages in both email and text message form are among the cyberphenomena most frequently reported to the NCSC. In most cases, they are simple standard phishing attempts. However, last week saw a few very sophisticated and original variants being reported. This included apparent voice messages, password-protected phishing PDFs and phishing websites disguised as special offers on belated motorway tax sticker purchases.

Last modification 19.08.2021

Top of page