The Swiss National Cyber Security Centre (NCSC) has published its semi-annual report for the second half of 2023: over 30,000 incident reports — a figure almost double that of the same months in 2022.

The fastest-growing threats

CEO Fraud

An employee — often in the payments or accounting department — receives an email apparently signed by the CEO or a senior manager. The message requests an urgent and confidential bank transfer to a specified account. The email is forged or sent from a compromised account.

This scam caused significant losses at several Swiss companies in 2023. It disproportionately affects SMEs, where direct communication with management is frequent and verification procedures are less formalised.

Invoice fraud

A similar variant: the attacker intercepts or falsifies an invoice from a real supplier, replacing the IBAN with one controlled by the fraudsters. The payment is processed normally — to the wrong account.

Evolved phishing

Phishing messages in 2023 are significantly more convincing than in the past. The use of generative AI tools has enabled criminals to produce grammatically flawless texts, personalised for the recipient and visually indistinguishable from genuine communications.

How to protect yourself

For CEO fraud and invoice fraud, technological protection matters less than organisational procedure:

  • Any unusual transfer request must be verified by telephone with the requester, using a known number (not one from the email)
  • Supplier IBAN changes must follow a verification process separate from the email channel
  • Employees must be trained to recognise these types of attack

The NCSC offers free training materials at ncsc.admin.ch.


Sources