The weeks in review

31.01.2023 - The number of reports received by the NCSC fell slightly again in the fourth week of 2023, with 716 reports. In a recent case, a bogus receptionist contacted a hotel guest in order to obtain credit card details and to persuade him to make an additional payment. Following on from such cases being observed in France in recent weeks, a case has now also been reported in Switzerland. The guests' booking data is stolen in advance from the affected hotels by the RedLine Stealer malware.

24.01.2023 - QR codes are becoming increasingly popular and are used for various purposes. They are used not only to provide links to websites, but also to organise entire logistics processes. QR codes have also found their way into invoices. Effective since 1 October 2022, only invoices with QR codes are accepted in Switzerland. Clearly, QR codes can also be misused, as illustrated by two examples reported to the NCSC last week.

17.01.2023 - In the second week of 2023, the number of reports received by the NCSC was up significantly on the first week of the new year, with a total of 836 reports. The already familiar CEO fraud scam is currently experiencing a revival, with the scammers not only sending emails, but also calling the victims to stress their fraudulent demands.

10.01.2023 - With a total of 559 reports, the number of reports received by the NCSC in the first week of 2023 has increased again compared to the previous week. A report on a Google search that returned dubious search results turned out to be a case of search engine manipulation. Numerous websites were hacked with the aim of tricking Google's search algorithm.

03.01.2023 - In the last weekly review of 2022, the NCSC looks back at the more than 34,000 reports received over the past twelve months. We would like to take this opportunity to thank you for all your reports. They help the NCSC to better assess the situation in cyberspace and warn potential new victims more effectively.

27.12.2022 - The number of reports received by the NCSC declined last week. In the days after Christmas, unwanted gifts are often offered for sale on classified ad platforms. However, even when selling an item, people need to be wary of scammers and phishers, as shown by a case reported to the NCSC.

20.12.2022 - Last week, the NCSC received roughly the same number of reports as in the previous week, with 635 in total. One case in particular stood out: attackers attempted to obtain money from app registrations by using "SMS traffic pumping" and foreign phone numbers.

13.12.2022 - Last week, the NCSC received more reports than in the previous week, with 641 in total. Data leaked during data breaches can be used for targeted phishing or fraud. Therefore, regularly checking your email address for data leaks will help to protect you from unpleasant surprises.

06.12.2022 - Last week, the NCSC once again received fewer reports than in the previous week, with 561 in total. Particularly striking were phone calls in which fraudsters attempted to obtain confidential information. In some cases, the caller claims to be an employee of a credit card provider and tries to obtain one-time passwords.

29.11.2022 - Last week, the NCSC received 647 reports, fewer than in the previous week. A Microsoft Office 365 phishing scam drew particular interest. In the targeted attempt, the phishers not only chose an internet address that looked very similar to the company's actual address, but also used a trick to try to obtain other valuable information in addition to the password.

22.11.2022 - Last week, the NCSC received its 30,000th report for this year. Among them was a report concerning several unsolicited parcels that were delivered in what turned out to be an attempted brushing scam. The fraudsters typically pay for the parcels, but the victim in this case did not receive the parcels as a gift, and is now supposed to pay the outstanding invoices.

15.11.2022 - The number of reports received by the NCSC rose sharply compared to the previous week. Once again, threatening emails in the name of the police were the reason. An email sent to the NCSC in Cyrillic script also attempted to distribute the Xloader/Formbook malware.

08.11.2022 - The number of reports received by the NCSC was once again up slightly on the previous week. In recent weeks, there has been a considerable jump in the number of reports submitted to the NCSC about hacked accounts for a wide range of online services. The damage caused by stolen login credentials can be greatly reduced by using different passwords and a password manager.

01.11.2022 - The number of reports received by the NCSC was up on the previous week. Last week, there were reports of an internet address under which several well-known financial institutions were imitated on dynamically generated websites. Such fake bank websites are mainly used for advance-fee fraud, but also for romance scams, like in this case. Also in the case of a phishing website that targeted web administrators, the fraudsters had designed the website dynamically.

25.10.2022 - The number of reports received by the NCSC remained unchanged compared to the previous week. Last week saw an increase in reports of phishing and fraud related to financial services offered by Revolut. Fraudsters also posed as the German financial market supervisory authority and contacted victims of investment fraud, claiming to be able to retrieve their lost assets – for a fee, obviously.