Caution! Clever was in Switzerland: How to protect your account!

Caution! Clever was in Switzerland: How to protect your account!

The Federal Office for Cyber ​​Security (BACS) warns of a new fraud stitch that also affects experienced internet users in Switzerland. This method does not target a broad mass, but is specifically on targeted persons. The fraudsters use a sophisticated procedure that includes both fake emails and calls.

In a first step, the perpetrators send emails that are sent on behalf of banks. These emails require an alleged "compliance update" and lead the victims to a deceptively real website, where personal data such as name, telephone number and contract number are queried. The victims are then forwarded to the real bank website, which increases the credibility of the stitch.

refined callers and extreme caution

The second element of these fraud stitches are calls that the frauds carry out with a real bank number, a tactical procedure that is known as a spoofing. During the conversation, the callers have personal information from the victims and thus create a relationship of trust. The aim of these discussions is to persuade those affected to an allegedly suspicious transaction.

In a particularly perfidious step, the fraudsters ask their victims to scan a QR code with their e-banking app. In this way, they try to undermine the two-factor authentication and thus gain access to the bank accounts of those affected. This phenomenon shows how criminal structures are increasingly also being able to deal with security measures that were previously considered effective, which illustrates the danger of these fraud stitches.

underlying problems in the area of ​​cyber security

The new mesh reveals the weaknesses in cyber security and the effectiveness of traditions such as two-factor authentication (2FA). This was seen as a reliable protection against phishing attacks for a long time, but is increasingly losing effectiveness. Cybercriminals have further developed their tactics and use sophisticated methods that can deceive well -trained security employees themselves. According to a Bitkom study, around 25 % of the companies surveyed were affected by phishing damage in 2024.

companies are advised to pursue a holistic approach to combating phishing attacks. This should include regular training to raise awareness of employees, robust technical protection precautions and modern authentication methods. Innovative approaches such as FIDO2 and Passkeys enable password-free registrations and offer additional protection against Man-in-the-middle attacks.

In a guide published by the CISA, specific recommendations for combating such phishing techniques are provided. This guide is aimed at all organizations, including small and medium-sized companies that want to protect their cyber resources.

Overall, the current situation shows that the methods of cybercriminals are becoming more and more sophisticated and simple precautions are no longer sufficient. Users and companies must therefore remain vigilant and apply modern security strategies to protect themselves from such attacks.

recommendations of the BAC are never to respond to confirmation of QR codes by telephone, as this can lead to a loss of bank access. The Council to find out about the latest techniques and recommendations to ensure internet security is now more important than ever.

Visit the following links for more information: vol.at , indevis.de , cisa.gov