The weeks in review

23.04.2024 - The NCSC frequently receives reports from victims where the scam emails seem plausible because they happen to match a current situation. In such cases, it is particularly difficult to spot scam emails, as shown by three examples that have been reported to the BACS in recent weeks. However, by following a few basic rules, it is still possible to spot such emails.

16.04.2024 - The NCSC has been monitoring the phenomenon of fake calls from alleged police authorities for nine months now. In the last three weeks, reports reaching the NCSC about this phenomenon have almost tripled and account for the highest number of reports received since the contact point was founded. However, the high number of incoming reports is not all bad.mittlerweile das Phänomen der gefälschten Anrufe von angeblichen Polizeibehörden. In den letzten drei Wochen haben sich die Meldungen zu diesem Phänomen beim BACS nahezu verdreifacht und sind verantwortlich für den höchsten Meldeeingang seit Gründung der Anlaufstelle. Der hohe Meldeeingang ist jedoch nicht nur negativ einzustufen.

09.04.2024 - The finance department receives a supposedly urgent payment request from the boss. The boss explains that if the person in accounts does not make the payment as quickly as possible, there will be serious consequences for the company as it risks losing an important order. The request usually cannot be queried as the boss is then not available. That is generally the scenario in cases of CEO fraud. Most of these attacks are not very sophisticated and easy to spot. However, artificial intelligence and deepfakes do not stop at this rather simple fraud method, as a recent example reported to the NCSC shows.

02.04.2024 - Federal Councillors are highly respected, widely trusted and enjoy a good reputation in Switzerland. Scammers take advantage of this: to lend credibility to their threatening emails, they make them look like they were sent by a member of the Federal Council. The scammers threaten their victims with criminal charges, usually for illegal pornography, unless they pay a certain amount of money.

26.03.2024 - Online shopping has become increasingly popular, and not just since the pandemic. Nevertheless, caution is required: in the worst case scenario, purchases made online may have unwished-for legal consequences. This is illustrated by the case of a man who received a counterfeit branded item.

19.02.2024 - Strong and complex passwords are key when it comes to protecting access to internet services. However, complex passwords have the disadvantage that they are difficult to remember, which tempts many users to either reuse the same password for multiple accounts or create straightforward passwords. This in turn significantly reduces the level of security. It is therefore worth considering using a password manager. However, as an example reported to the NCSC this week shows, that can also have its pitfalls.

12.03.2024 - Most of the phishing-related complaints received by the NCSC relate to emails or text messages designed to look like they originate from Swiss Post, the SBB/SwissPass or banks. In this edition of the week in review, we look at a variation on this theme targeting users of booking.com.

05.03.2024 - Phishing attempts are among the most frequently reported cyberincidents at the NCSC. Cybercriminals use social engineering methods that they tailor to their target groups. For instance, players of the popular video game "Counter-Strike 2" are currently being asked to take part in a fake vote.

27.02.2024 - Classified ad fraud is one of the offences most frequently reported to the police. The fact that new variants continually arise shows that this is a lucrative business for scammers. Three new types of social engineering attacks reported to the NCSC in recent weeks are designed to trick users of the TWINT payment app.

20.02.2024 - Computer games are very popular and, as in real life, not everyone always plays by the rules. The following report explains how searching for ways to cheat a game can end badly.

13.02.2024- The NCSC frequently receives reports of hacked social media accounts or unknown online purchases. In many cases, the scam can be traced back to a hacked email account. Unfortunately, people tend to underestimate the importance of protecting their email accounts.

06.02.2024 - The NCSC was recently notified of a case where hackers managed to break into a person's home network. After encrypting family photos and other personal data, they issued a ransom note demanding a substantial sum of money.

30.01.2024 - Many internet users will now recognise phishing attempts when they see them. The main thing is not to click on the link: just ignore or delete the email or text message. Still, a lot of people are tempted to click on the link anyway and enter a made-up name or a password comprising a random combination of letters, just to give the scammers a hard time. This sort of data, which is totally worthless to scammers, then gets mixed up with real credentials stolen from unsuspecting victims. Before they can use or sell lists of stolen passwords, the scammers have to screen out all the junk data – and that takes a lot of time. So they are always looking for new tricks to keep their password lists as clean as possible.

23.01.2024 - Last week, the NCSC received several messages concerning the e-commerce platform Etsy. Immediately after creating an account, new sellers receive a message, purportedly from Etsy, stating that the seller must verify payment before the shop can be activated. This, however, is a phishing message.

16.01.2024 - Classified ad fraud is one of the phenomena that is very frequently reported to the NCSC. This type of fraud involves either the buyers or sellers of goods in classified ads on one of the common internet platforms. The reason why the fraudsters often allege that they live in a remote area is explained here.