The weeks in review

Week 20: E-mails warning of fake viruses

20.05.2025 - Cybercriminals are constantly trying to make money through scam e-mails. One tactic that has been around for years and is still relevant plays on people’s fear of computer viruses. Recently, we have received an increasing number of reports about this type of scam. In these cases, however, the scam works not by tricking you with a fake site, but by redirecting you to a legitimate one.

Week 19: E-mails purporting to be from SBB spread malware

13.05.2025 - Fake e-mails claiming to be from SwissPass or SBB are a common occurrence. We frequently receive reports of such e-mails, which are usually phishing attempts. However, a particularly convincing version is currently being used to spread malware targeting Android devices.

Week 18: Beware of voice phishing in the name of banks, crypto exchanges, PayPal and TWINT

06.05.2025 - Criminals use voice phishing to steal money and sensitive information. They call people pretending to be from well-known institutions such as banks, PayPal, TWINT or crypto exchanges. Many such cases continue to be reported to the National Cyber Security Centre (NCSC).

Week 17: Ongoing CEO scams targeting Swiss communes

29.04.2025 - The NCSC is observing an ongoing wave of CEO fraud attempts. Over the past week, the NCSC has received an increasing number of reports of criminals posing as senior local government staff attempting to persuade employees to buy gift cards or make payments online. This week's report highlights the latest methods being used, explains why local government is being targeted and provides information on how communal authorities (and everyone else) can protect themselves.

Week 16: Reusing old devices: great for the planet, but keep these tips in mind

22.04.2025 - Last week the NCSC received an unusual report from a person who had disposed of their broken laptop and was later contacted by someone from abroad claiming to have found their data on a newly bought laptop and have uploaded it to a cloud server. They asked if the previous owner still needed the data and wanted to download it, or if they should delete it. It’s a mystery how this data ended up in someone else’s possession. Could this be a blackmail attempt or a strategy to spread malware? The answer is surprising.

Week 15: «Chain phishing» can happen on social media too

15.04.2025 - Social networks such as Facebook, Instagram, X and Snapchat are particularly attractive to cybercriminals because of their high level of user engagement. By stealing login credentials and gaining access to a social media account, scammers can share content and view private information. This opens up a range of malicious possibilities: they can post scam ads, spread false information about people or companies, or even blackmail victims. And by pretending to be the person whose credentials they have stolen, they can target that person’s friends and exploit them too. This can start a chain reaction where many people fall for the scam.

Week 14: Classifieds phishing – fivefold increase in reports in a year

08.04.2025 - The NCSC regularly warns about classifieds scams. Classifieds offer scammers a wide range of opportunities: typical examples of scams include selling non-existent goods or failing to pay for goods that have already been shipped. In recent weeks, there has been a sharp increase in reports of classifieds phishing – a type of scam that targets credit card details, Twint and even e-banking accounts.

Week 13: Visiting the UK (and other countries) – be careful when applying for an ETA/ESTA

01.04.2025 -Swiss citizens wishing to travel without a visa to certain countries (e.g. the USA, Canada, Australia, New Zealand and, from 2 April, the UK) need an electronic travel authorisation. We are seeing an increase in private providers offering assistance in applying for such authorisations, but the added value of these services is often questionable and there is a significant risk of fraud. Application processes can be complex, and scammers are taking advantage of this by creating official-looking websites to trick people into giving up their information and money.

Week 12: Ticket scammers target buyers and sellers

25.03.2025 - We regularly receive reports of ticket fraud, and with ticket sales for this year’s open-air season and the upcoming Eurovision Song Contest about to begin, the number of scams is likely to increase in the coming weeks. Scammers take advantage of the fact that demand for tickets outstrips supply: they resell tickets at inflated prices, sell counterfeit tickets and put fake ads on the internet. In an unusual and frequently reported scam, they try to lure their victims to a fake website. Exercise caution and don’t let scammers fool you.

Week 11: Chain phishing with Microsoft 365

18.03.2025 - Over the past week, we have seen a number of chain phishing attempts targeting Microsoft 365 accounts in organisations. The aim of these attacks is to gain access to accounts in order to steal sensitive data that can be used for further attacks. What makes this type of phishing scam unique is the way that it spreads, in a kind of chain reaction. As one of the most widely used platforms for communication and collaboration in offices, Microsoft 365 accounts are an interesting target for cybercriminals.

Week 10: Involuntary subscriptions when visiting legitimate websites

11.03.2025 - Last week we received a report about what appeared to be a dodgy car owner enquiry website – but a check of the website revealed no irregularities and we found the site to be legitimate. However, the person who submitted the report did incur unwanted costs.

Week 9: Hotels and guests targeted by cybercriminals

04.03.2025 - In several of our weekly reviews we have reported on cyberattacks on hotels and their guests. In the last few days we have received a number of fraud reports from hotel guests. In most cases, the cyberattackers had gained access to a hotel's reservation information.

Week 8: Phishing tricks – deceptive emails and how you can protect yourself

25.02.2025 - Phishing continues to be one of the most commonly reported scams – and unfortunately one that many people fall victim to. Scammers go to great lengths to make their messages look as real as possible, using a variety of tricks to increase their chances of success.

Week 7: How celebrities are impersonated for investment scams

18.02.2025 - When using the internet today, you often come across scam websites that were designed to look like official news or TV sites. The scammers claim that you can make a fortune if you invest a little of your money with them, and they quote celebrities in fake interviews to give themselves credibility. These scam sites are just a click away and are promoted through ads and links on social media, streaming sites and elsewhere.

Week 6: Scam emails from PayPal sent via Microsoft

11.02.2025 - Criminals are using an interesting scam to lure unsuspecting victims into calling a fake PayPal number. All they need is a PayPal account and a free service provided by Microsoft.

Last modification 28.12.2023

Top of page

https://www.ncsc.admin.ch/content/ncsc/en/home/aktuell/im-fokus/wochenrueckblicke.html