Weekly review 52 – More than 34,000 reports in 2022

03.01.2023 - In the last weekly review of 2022, the NCSC looks back at the more than 34,000 reports received over the past twelve months. We would like to take this opportunity to thank you for all your reports. They help the NCSC to better assess the situation in cyberspace and warn potential new victims more effectively.

Week 51: Phishing using classified ads – new variant with fake Swiss Post website

27.12.2022 - The number of reports received by the NCSC declined last week. In the days after Christmas, unwanted gifts are often offered for sale on classified ad platforms. However, even when selling an item, people need to be wary of scammers and phishers, as shown by a case reported to the NCSC.

Week 50: Attacks on app providers via "SMS traffic pumping"

20.12.2022 - Last week, the NCSC received roughly the same number of reports as in the previous week, with 635 in total. One case in particular stood out: attackers attempted to obtain money from app registrations by using "SMS traffic pumping" and foreign phone numbers.

Switzerland takes part in discussions at OECD Digital Economy Ministerial Meeting

15.12.2022 - At the ministerial-level meeting of the OECD Committee on Digital Economy Policy (CDEP) in Gran Canaria, cybersecurity recommendations were approved in addition to two ministerial declarations. Switzerland was actively involved in drawing up these recommendations. Federal Cybersecurity Delegate Florian Schütz, in his function as Chair, presented the findings of the Working Party on Security in the Digital Economy (SDE). Implementing the recommendations can contribute to cybersecurity. The Swiss delegation was led by Ambassador and CDEP Vice-Chair Thomas Schneider from the Federal Office of Communications (OFCOM).

Week 49: Targeted attacks using leaked data

13.12.2022 - Last week, the NCSC received more reports than in the previous week, with 641 in total. Data leaked during data breaches can be used for targeted phishing or fraud. Therefore, regularly checking your email address for data leaks will help to protect you from unpleasant surprises.

Week 48: Phone calls from your credit card provider – apparently

06.12.2022 - Last week, the NCSC once again received fewer reports than in the previous week, with 561 in total. Particularly striking were phone calls in which fraudsters attempted to obtain confidential information. In some cases, the caller claims to be an employee of a credit card provider and tries to obtain one-time passwords.

NCSC to become federal office in DDPS

02.12.2022 - Based on the growing significance of cybersecurity and the good work done in recent years to establish the National Cybersecurity Centre (NCSC) in the Federal Department of Finance (FDF), the NCSC is to become a federal office. During its meeting on 2 December 2022, the Federal Council decided that the new federal office will be located in the Federal Department of Defence, Civil Protection and Sport (DDPS). It instructed the DDPS, in collaboration with the FDF, to define the structures of the new federal office by end-March 2023.

Federal Council submits dispatch on mandatory reporting of cyberattacks on critical infrastructures to Parliament

02.12.2022 - The Federal Council wants to introduce a reporting duty for cyberattacks on critical infrastructures. To this end, during its meeting on 2 December 2022, it adopted the dispatch on amending the Information Security Act and submitted it to Parliament. The proposal creates the legal basis for the reporting obligation for the operators of critical infrastructures and defines the tasks of the National Cybersecurity Centre (NCSC), which is intended to be the central reporting office for cyberattacks.

Update: Still over 2,000 unsecured Microsoft Exchange servers in Switzerland

01.12.2022 - Just over a fortnight ago, the NCSC called for the security patches provided by Microsoft to be installed in order to fix the ProxyNotShell vulnerability. Despite the urgency, there are still some operators that have failed to heed this call to date. Therefore, the NCSC has sent more than 2,000 registered letters to those concerned, urging them to act now.

Week 47: Targeted Office 365 phishing with additional function

29.11.2022 - Last week, the NCSC received 647 reports, fewer than in the previous week. A Microsoft Office 365 phishing scam drew particular interest. In the targeted attempt, the phishers not only chose an internet address that looked very similar to the company's actual address, but also used a trick to try to obtain other valuable information in addition to the password.

Last modification 28.12.2023

Top of page