Cybercrimes are increasingly perpetrated under the disguise of well-known companies or even state agencies, according to the latest semi-annual briefing of the Swiss Reporting and Analysis Center for Information Assurance (MELANI).
The reportexternal link, released Thursday, found that in the first half of 2017 there was a “significant increase in emails used to distribute malicious software which allegedly were sent by federal offices and well-known companies.”
Fraudsters use these names as the source of their viral mails in order to capitalise on the high-level of integrity, and thus the chances of readers opening and spreading the contamination.
The report gave the example of emails apparently sent by the Federal Tax Administration (FTA) in May, that held up to recipients the prospect of a tax refund if they completed the attached document – which contained malware.
Cantonal police titles and addresses were also used, as were companies such as DHL, Swiss Post, and Swisscom.
The advice is to fundamentally distrust emails that arrive unsolicited, regardless of the sender.
Vigilance is also key. “In the majority of cases,” the report states, “a forgery can be quickly spotted. For example, the Federal Tax Administration only communicates by post and never by email.”
The report, published Thursday, condenses the major cyber events of the last six months in Switzerland and abroad, a period that was notably marked by the global spread of the NotPetya attacks and the WannaCry virus in spring 2017.
MELANI also highlighted that the problem of attackers using well-known media sources to place malicious third-party content continues; the high number of visitors make such online pages attractive targets, the report said.
Looking ahead to future trends, the report also brought up the issue of “political tensions being expressed digitally.” Whereas in the past walls would be sprayed with graffiti, it said, increasingly hackers target websites for political ends.
For example, after a May 2017 demonstration in Bern against Turkish president Recep Tayyip Erdogan, MELANI said it recorded various defacement attacks on Swiss sites. Visitors to the website of a local swimming pool in Bern found Turkish nationalist messages rather than the water temperatures that they were looking for.
swissinfo.ch and agencies/dos