The weeks in review

Week 4: Malware in hotels: booking data used for fraud against hotel guests

31.01.2023 - The number of reports received by the NCSC fell slightly again in the fourth week of 2023, with 716 reports. In a recent case, a bogus receptionist contacted a hotel guest in order to obtain credit card details and to persuade him to make an additional payment. Following on from such cases being observed in France in recent weeks, a case has now also been reported in Switzerland. The guests' booking data is stolen in advance from the affected hotels by the RedLine Stealer malware.

Week 3: From invoice manipulation to subscription scams – a growing number of different types of fraud using QR codes

24.01.2023 - QR codes are becoming increasingly popular and are used for various purposes. They are used not only to provide links to websites, but also to organise entire logistics processes. QR codes have also found their way into invoices. Effective since 1 October 2022, only invoices with QR codes are accepted in Switzerland. Clearly, QR codes can also be misused, as illustrated by two examples reported to the NCSC last week.

Week 2: CEO fraud targeting companies in French-speaking Switzerland – the scammers also contact their victims by phone

17.01.2023 - In the second week of 2023, the number of reports received by the NCSC was up significantly on the first week of the new year, with a total of 836 reports. The already familiar CEO fraud scam is currently experiencing a revival, with the scammers not only sending emails, but also calling the victims to stress their fraudulent demands.

Week 1: Hacked websites exploited for search engine optimisation

10.01.2023 - With a total of 559 reports, the number of reports received by the NCSC in the first week of 2023 has increased again compared to the previous week. A report on a Google search that returned dubious search results turned out to be a case of search engine manipulation. Numerous websites were hacked with the aim of tricking Google's search algorithm.

Weekly review 52 – More than 34,000 reports in 2022

03.01.2023 - In the last weekly review of 2022, the NCSC looks back at the more than 34,000 reports received over the past twelve months. We would like to take this opportunity to thank you for all your reports. They help the NCSC to better assess the situation in cyberspace and warn potential new victims more effectively.

Week 51: Phishing using classified ads – new variant with fake Swiss Post website

27.12.2022 - The number of reports received by the NCSC declined last week. In the days after Christmas, unwanted gifts are often offered for sale on classified ad platforms. However, even when selling an item, people need to be wary of scammers and phishers, as shown by a case reported to the NCSC.

Week 50: Attacks on app providers via "SMS traffic pumping"

20.12.2022 - Last week, the NCSC received roughly the same number of reports as in the previous week, with 635 in total. One case in particular stood out: attackers attempted to obtain money from app registrations by using "SMS traffic pumping" and foreign phone numbers.

Week 49: Targeted attacks using leaked data

13.12.2022 - Last week, the NCSC received more reports than in the previous week, with 641 in total. Data leaked during data breaches can be used for targeted phishing or fraud. Therefore, regularly checking your email address for data leaks will help to protect you from unpleasant surprises.

Week 48: Phone calls from your credit card provider – apparently

06.12.2022 - Last week, the NCSC once again received fewer reports than in the previous week, with 561 in total. Particularly striking were phone calls in which fraudsters attempted to obtain confidential information. In some cases, the caller claims to be an employee of a credit card provider and tries to obtain one-time passwords.

Week 47: Targeted Office 365 phishing with additional function

29.11.2022 - Last week, the NCSC received 647 reports, fewer than in the previous week. A Microsoft Office 365 phishing scam drew particular interest. In the targeted attempt, the phishers not only chose an internet address that looked very similar to the company's actual address, but also used a trick to try to obtain other valuable information in addition to the password.

Week 46: Unsolicited parcels from fraudsters – as gifts and sometimes also with an invoice

22.11.2022 - Last week, the NCSC received its 30,000th report for this year. Among them was a report concerning several unsolicited parcels that were delivered in what turned out to be an attempted brushing scam. The fraudsters typically pay for the parcels, but the victim in this case did not receive the parcels as a gift, and is now supposed to pay the outstanding invoices.

Week 45: Phishing emails containing malware and other dubious emails to the NCSC

15.11.2022 - The number of reports received by the NCSC rose sharply compared to the previous week. Once again, threatening emails in the name of the police were the reason. An email sent to the NCSC in Cyrillic script also attempted to distribute the Xloader/Formbook malware.

Week 44: Increase in hacking with stolen data

08.11.2022 - The number of reports received by the NCSC was once again up slightly on the previous week. In recent weeks, there has been a considerable jump in the number of reports submitted to the NCSC about hacked accounts for a wide range of online services. The damage caused by stolen login credentials can be greatly reduced by using different passwords and a password manager.

Week 43: One size fits all for fake bank websites too

01.11.2022 - The number of reports received by the NCSC was up on the previous week. Last week, there were reports of an internet address under which several well-known financial institutions were imitated on dynamically generated websites. Such fake bank websites are mainly used for advance-fee fraud, but also for romance scams, like in this case. Also in the case of a phishing website that targeted web administrators, the fraudsters had designed the website dynamically.

Week 42: Fake German financial market supervisory authority promises to retrieve funds lost to fraud

25.10.2022 - The number of reports received by the NCSC remained unchanged compared to the previous week. Last week saw an increase in reports of phishing and fraud related to financial services offered by Revolut. Fraudsters also posed as the German financial market supervisory authority and contacted victims of investment fraud, claiming to be able to retrieve their lost assets – for a fee, obviously.

Last modification 19.08.2021

Top of page

https://www.ncsc.admin.ch/content/ncsc/en/home/aktuell/im-fokus/wochenrueckblicke.html