Author: Federal Office of Cybersecurity (BACS)
Source: https://www.ncsc.admin.ch/ncsc/de/home/aktuell/im-fokus/2025/wochenrueckblick_50.html
Publication Date: 16.12.2025
Reading Time: approx. 4 minutes
Executive Summary
The Federal Office of Cybersecurity warns of a growing wave of callback scams that replace traditional link-based phishing with telephone lures. Criminals pose as bank or support employees and use social engineering to gain access to sensitive data or devices. The approach is particularly insidious because it bypasses classic technical protection measures and exploits human trust.
Critical Key Questions (liberal-journalistic)
- Freedom & Personal Responsibility: How can citizens act self-determinedly when fraudsters authentically impersonate trusted brands and authorities?
- Transparency: Why are banks and service providers not more strongly obligated to proactively secure their communication channels and validate customers?
- Accountability: Do software providers (AnyDesk, TeamViewer) bear shared responsibility for misuse of their remote access tools?
- Innovation: What technical or organizational solutions could structurally prevent callback scams?
- Justice: Who bears financial responsibility for successful fraud cases – banks, platforms, or users?
Scenario Analysis: Future Perspectives
| Time Horizon | Expected Development |
|---|---|
| Short-term (1 year) | Increase in callback scams; criminals use AI for more convincing messages and voice clones. |
| Medium-term (5 years) | Standardization of two-factor authentication in financial services; higher reimbursement rates due to regulatory pressure. |
| Long-term (10–20 years) | Implementation of blockchain-based identity verification; shift to zero-trust architectures in financial institutions. |
Main Summary
Core Topic & Context
A callback scam is a new fraud scheme in which criminals send fake payment requests via SMS or email and pressure victims into calling a fake customer service number. There, the fraudsters pose as bank or support team employees and manipulate victims into installing remote access software or revealing credit card details. The Federal Office of Cybersecurity is recording a significant increase in such cases.
Key Facts & Figures
- Fraudsters use real brand names: UBS, Amazon, TWINT, PayPal, Norton, McAfee, Avast, and the Federal Tax Administration (ESTV)
- Losses in many cases range from three-digit to five-digit Swiss franc amounts ⚠️ (exact statistics not mentioned in the article)
- Technical challenge: No suspicious links in the message → spam filters fail
- Perpetrators use remote access software (AnyDesk, TeamViewer) to take over devices
Stakeholders & Those Affected
| Stakeholder | Role |
|---|---|
| Private individuals | Primary victims; loss of savings and data exposure |
| Banks & Fintech | Reputational risk; enhanced customer education needed |
| Authorities (ESTV, etc.) | Identity theft; loss of trust |
| Cybercriminals | Beneficiaries; low inhibition threshold |
| Software providers | Tool misuse; potentially stricter regulation |
Opportunities & Risks
| Opportunities | Risks |
|---|---|
| Increased awareness of social engineering | Massive financial losses for vulnerable groups |
| Catalyst for regulation (stronger bank responsibility) | Trust crisis in digital services |
| Innovation in authentication & verification | Rising costs for security infrastructure |
| Collaboration BACS–Banks–Police | Psychological trauma for victims |
Action Relevance
For Private Individuals:
- Never call phone numbers from unsolicited emails
- Research official contact details yourself (website, account statement)
- Reject remote access; legitimate service providers do not demand this
- Report suspicious messages to BACS
For Businesses & Banks:
- Launch proactive customer education campaigns
- Integrate callback scam indicators into fraud detection systems
- Strengthen reimbursement policies (victim protection)
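One way to turn the callback scam indicators described above into a message-screening rule, shown as an added example that is not code from BACS or the original article. It scores a message on the traits the page names (impersonated brand, payment request, a phone number to call, no link) and contrasts that with a purely link-based check. The keyword lists, digit thresholds, verdict tiers and sample messages are assumptions constructed for illustration.

```python
import re

# Brands the page lists as impersonated in callback scams.
BRANDS = ("UBS", "Amazon", "TWINT", "PayPal", "Norton", "McAfee", "Avast", "ESTV")
BRAND_RE = re.compile(r"\b(?:" + "|".join(BRANDS) + r")\b", re.I)
# Assumed English keyword lists; a real deployment needs DE/FR/IT terms too.
PAYMENT_RE = re.compile(r"\b(?:payment|charged|debited|invoice|order|subscription|renewal)\b", re.I)
CALL_RE = re.compile(r"\b(?:call|phone|dial|contact)\b", re.I)
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
# Phone-like run of digits with common separators; digit count is checked below.
PHONE_RE = re.compile(r"(?<![\w.])\+?\(?\d[\d\s().-]{7,18}\d(?!\w)")

def has_link(text):
    """What a purely link-based filter has to work with."""
    return bool(URL_RE.search(text))

def indicators(text):
    """Return the callback-scam indicators found in one message body."""
    found = set()
    if BRAND_RE.search(text):
        found.add("brand")
    if PAYMENT_RE.search(text):
        found.add("payment_request")
    # 9 to 15 digits excludes amounts and dates such as 16.12.2025.
    phones = [m.group() for m in PHONE_RE.finditer(text)
              if 9 <= sum(c.isdigit() for c in m.group()) <= 15]
    if phones and CALL_RE.search(text):
        found.add("callback_number")
    if not has_link(text):
        found.add("no_link")
    return found

def classify(text):
    """'high' / 'medium' / 'none' for routing to fraud review (assumed tiers)."""
    found = indicators(text)
    if {"payment_request", "callback_number"} <= found:
        return "high" if "brand" in found else "medium"
    return "none"

# Constructed sample messages; the phone numbers are non-routable placeholders.
SAMPLES = {
    "callback_lure": "UBS: A payment of CHF 1'450.00 was charged to your card. "
                     "If this was not you, call support on +41 00 000 00 00.",
    "benign_receipt": "Your TWINT payment of CHF 25.00 to Cafe Example was successful.",
    "link_phish": "PayPal: your account is limited. Verify at https://paypal.example.invalid/login",
    "office_notice": "Our office has moved. Call us on +41 00 000 00 01 for directions.",
}
```

The constructed lure contains no URL, so `has_link` returns False for it while `classify` rates it "high"; the receipt and the office notice each carry only one of the two core indicators and are not flagged.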
For Regulators:
- Require remote access software providers to implement security guidelines
- Review liability of financial institutions for authentication deficiencies
Quality Assurance & Fact-Checking
- [x] Central statements verified (BACS source reliable)
- [x] Unconfirmed data marked with ⚠️ (missing damage statistics)
- [x] Concrete examples (UBS, TWINT, PayPal, ESTV) comprehensible
- [x] Bias check: text is objective, no political one-sidedness detected
- [ ] Web research on current statistics not conducted (would require external sources)
Supplementary Research
- Federal Office of Cybersecurity (BACS) – Official reporting platform for phishing & callback scams
- Swiss Bankers Association (SBVg) – Guidelines for customer protection and fraud prevention
- National Cybersecurity Center (NCSC) – Current threat intelligence and best practices
Sources
Primary Source:
Federal Office of Cybersecurity (BACS). Weekly Review Week 50: Callback with financial consequences. 16.12.2025.
https://www.ncsc.admin.ch/ncsc/de/home/aktuell/im-fokus/2025/wochenrueckblick_50.html
Verification Status: ✓ Facts checked on 16.12.2025 (BACS original source)
This text was created with support from Claude.
Editorial responsibility: clarus.news | Fact-check: 16.12.2025