The weeks in review

30.12.2025 - In its final weekly review of the year, the NCSC typically reflects on the reports it has received over the past twelve months. This year, the NCSC received almost 65,000 reports of cyberincidents, which represents a significantly smaller increase than in previous years. Although reports concerning 'calls supposedly from the police' still dominated in 2025, more reports in this category were recorded in the first half of the year than in the second. This decline was offset by a substantial rise in the number of reports concerning 'online investment fraud'. Despite only a moderate increase in reporting volume, scams have become much more sophisticated.

23.12.2025 - Christmas is considered a time of hope and reflection, and this is precisely what fraudsters who pose as alleged helpers are counting on. They tell victims who have lost money through online investment fraud, for example, the good news that these lost funds have 'reappeared'. But the miracle never happens. Instead of a refund, victims are presented with bills, and are pressured to pay various 'service fees' until it becomes clear that the promised refund will never materialise. This is how the promised Christmas miracle turns out to be fraud.

16.12.2025 - Last week, the National Cyber Security Centre (NCSC) received an increasing number of reports about a scam that has been observed for some time. In this case, the victim is not pressured to click on a link, as is usually the case. Instead, under the pretext of an alleged suspicious transaction, they are asked to call back a telephone number. However, anyone who dials the number will not be connected to customer service, but directly to the fraudsters' call centre.

09.12.2025 - Cybercriminals leverage how application processes work to build trust and manipulate job seekers. Enticing employment opportunities on fake profiles seem attractive and authentic, lowering candidates' level of vigilance. The hope of a successful job offer can lead to job seekers acting rashly, which scammers exploit to their own advantage.

02.12.2025 - A current phishing campaign is misusing the name "SERAFE". Under the pretext of needing to "verify your current living situation", scammers are attempting to steal large amounts of personal information. In addition to data such as name, email address, date of birth and telephone number, scammers are also asking for AHV numbers, the date of any change of address and, ultimately, credit card details. This week's review explains why this specific combination of data is particularly useful to scammers and how you can protect yourself against them.

25.11.2025 - As the days get shorter and temperatures drop, discounts are heating up. With Black Friday and Cyber Monday fast approaching, online retailers are preparing for the busiest time of the year. Consumers are looking for the best deals. And, unfortunately, scammers are busy too – and they're ready to profit from the rush.

18.11.2025 - There have been an increasing number of reports in recent weeks of scam websites claiming to belong to real Swiss companies. The affected companies often do not have their own website but are listed in the ZEFIX commercial register. Companies with a web presence can also be targeted. Scammers deliberately exploit the "Swissness factor" to create a sense of trust, as Swiss companies are generally considered reliable and trustworthy. Scammers exploit this perception to manipulate their victims.

11.11.2025 - Fewer and fewer people are falling for mass phishing attempts, so scammers are constantly refining their tactics. Instead of sending out large numbers of identical emails, they now focus on current social and economic issues and adapt their scams accordingly. Their messages are more targeted and sophisticated, designed to appear credible to the specific people they want to reach.

04.11.2025 - The NCSC has received reports of cases where iPhone owners have received a text message claiming that their lost or stolen device has been found abroad, months after it went missing. While such messages offer the hope of getting your phone back, they are in fact a targeted attempt to steal your Apple ID credentials. This week's review examines how these scams work in more detail.

28.10.2025 - The NCSC regularly receives questions from concerned members of the public such as: "How do the scammers know my name, my bank, or even my address?" It's a fair question. Fraudulent calls and emails often seem convincing precisely because they contain personal details we assume are private. The answer is complex and demonstrates just how methodical modern cybercriminals have become.

21.10.2025 - The NCSC regularly receives reports of phishing emails targeting TWINT users. These scams aim to steal credit card details or take over TWINT accounts – and not all of them rely on phishing websites. One recent case, which looked harmless at first but turned out to be carefully planned, involved a personal message and an early-morning money request designed to catch people off guard.

14.10.2025 - Scam attempts come in many forms and are a regular topic in the NCSC's weekly reviews. In this case, however, it is not necessarily law-abiding citizens who are being duped. The focus is instead on people who don't always play by the rules themselves.

07.10.2025 - Exercise caution when selling things online. A well-known scam involving classified ad platforms has taken a dangerous turn: in addition to using phishing websites to harvest credit card details, criminals are now trying to trick victims into installing malware. Info stealer malware captures not just individual login credentials, but all passwords, financial details, and personal data stored on the computer. This week's review examines this new tactic and explains how you can protect yourself.

30.09.2025 - Last week the NCSC received an uptick in reports of phishing attempts that combine phishing with bogus support calls. The aim is to apply pressure and single out particularly susceptible targets.

23.09.2025 - Last week, the NCSC received a higher than usual number of reports about recovery scams. With this type of scam, people who have already fallen victim to investment fraud are targeted a second time. The scammers claim to have recovered the missing money and offer to return it – for a fee. To lend credibility, they often invoke public institutions, for example by posing as an NCSC employee.