Cybersecurity: Why it affects everyone

One of the main reasons may be the digital footprint we often leave behind on the internet without thinking: a photo posted on Instagram conveys metadata (e.g. your location). A team photo in the background of a video on TikTok can reveal which club you are involved in (and therefore what your interests are). Or comments on X can reveal information about your values or even personal data such as your full name.

We are also more connected than we think: our smartphones not only store photos, but also locations, contacts and payment details. Laptops often know all our passwords. And Wi-Fi routers are the inconspicuous gateway to the vast digital world. Be aware of all these sources of information, because hackers specifically search for them.

Because cybercriminals usually target personal data such as login details when phishing, your digital identity can quickly become a multiplier in the spread of phishing traps or malware (we explain what malware is here) in the event of a cyber incident.

If your email account is affected, for example, hackers may write to your contacts in your name. Or they may have incoming emails automatically forwarded to them in order to obtain further personal data from you. If you also use your laptop for work and it has been infected with malware, the cyber incident suddenly also affects your business – and thus all company data.

In short: if you get hit, others usually get hit too. Hackers want exactly that – you probably don't.

Your personal responsibility when it comes to cyber security is crucial: do you still write your passwords on a Post-it note and stick it to your computer, or do you store them securely in your head or in a password manager? Do you always choose the same password for convenience, or do you consciously use a different one each time you log in to increase your security? Smartphones should be protected with a PIN so that all your data is not freely available if your phone is stolen.

As you can see, being mindful of your digital security and remaining sceptical when asked for data is your best protection. Technical measures such as a password manager can help: you don't have to remember all your passwords, but they are still kept safe. However, the responsibility for using such secure tools lies entirely with you: there are no excuses(opens in new tab) for not protecting your privacy and your devices.

Cyber attacks often begin with phishing – usually via email, but by no means exclusively. You can also encounter phishing via text message (known as smishing) or on websites. Be aware that cybercriminals are creative too: QR codes in public places can be covered up and lead to fake websites, for example. So stay alert in your everyday life – not just when you're sitting at your laptop. The basic principle is always the same: cybercriminals use manipulative text to try to get you to click on a malicious link that infects your devices with malware or shares your personal information with cybercriminals.

They often combine urgency with apparent authority – for example, a supposed security check by your bank. This stirs up fear: ‘Your account will be blocked’ to get you to take action. Fake official documents are also popular: fake court and official notices or password-protected folders containing malware or ransomware.

Phishing: 305 of 1,322 reported cyber incidents in week 28/2025(opens in new tab)

Malware is the umbrella term for malicious software that cybercriminals secretly install on your device. The aim of cybercriminals is to gain access to more of your data or your system, or to take complete control of it.

Particularly unpleasant in this context is ransomware – a type of digital blackmail. The malware encrypts your data and renders it unusable. There are different types of ransomware: sometimes it only pretends to encrypt your data or locks your screen.

Only after you pay a ransom do the cybercriminals promise to release your data again. But can you trust them? Even after paying, there is no guarantee that you will get your data back.

Malware often finds its way onto your device through phishing emails, infected USB sticks or downloads from unsafe sources (e.g. dubious online shops). Once installed, it works in secret and is usually difficult to detect – until it is too late.

You can find out more about ransomware at Swisscybersecurity.net(opens in new tab). 

A data leak occurs when personal information is unintentionally made public, usually through hacker attacks on companies or insecure databases. You sometimes hear about this in the media.

Cybercriminals can then use the personal information obtained in this way for identity theft: they impersonate you in order to conclude contracts in your name, demand money from your friends or make online purchases.

SIM swapping is a specific form of identity theft. This involves fraudsters attempting to gain (temporary) control of your mobile phone number. This allows them to bypass two-factor authentication via text message, for example, and gain access to your online accounts.

Fake online shops lure customers with incredibly cheap offers. However, these apparent bargains often turn out to be scams: either you receive inferior goods or nothing at all – but your payment details are in the hands of cybercriminals.

How can you recognise fake online shops? Missing contact details or a suspicious URL are good indicators. But so are low prices, poor translations or payment in advance only – and no reviews or only fake reviews that are always the same. Copied product images are also a warning sign.

Incidentally, fraudulent online shops (online shops for branded products are particularly popular) spread very quickly on social networks: a pretty picture, a great price – but the attractive bait quickly leads to an expensive disappointment.

You can find out more about fake online shops and how to recognise them at swisscybersecurity.net(opens in new tab)

Fraudulent web shop: 24 of 470 reported fraud attempts in calendar week 28/2025(opens in new tab)

Spam refers to unwanted emails that are sent out in bulk. In addition to annoying advertising, spam emails can also contain malicious attachments or links to phishing sites.

Spam filters intercept many of these messages, but cybercriminals try to circumvent them in specific ways. For example, they use current events, personalise their requests or use deceptively genuine sender addresses to make their messages appear authentic and convincing.

Spam: 420 of 1,322 reported cyber incidents in week 28/2025(opens in new tab)

Spoofing means ‘disguise’ and refers to the falsification of identity in the digital space. Hackers forge IP addresses or email sender addresses, for example, to make themselves appear trustworthy.

An example? You receive an e-mail that appears to be from your bank. In reality, however, the sender address is fake. At first glance, everything looks genuine to you – until you take a closer look.

Many cyber attacks are based on spoofing. This makes it difficult to distinguish between genuine and fake messages.

Pharming has nothing to do with the pharmaceutical industry, but is a rather rare but insidious method used by cybercriminals to redirect you to fake websites. Hackers manipulate the DNS settings (essentially the ‘address book’ of the internet) with viruses or Trojan horses. What does that mean?  

Here's another example: you enter a correct web address (e.g. your bank's login page), but instead you end up on a fake page that looks deceptively real. Because you don't suspect fraud, you enter your login details there – and they end up directly with the cybercriminals. Unlike phishing, you don't even have to click on a suspicious link – the redirection happens automatically.  

So always stay alert and double-check: is the URL in the input window really correct? If your browser informs you of certificate errors or insecure connections, take it seriously. It is best to always go to the official website, e.g. your bank's, to log in (not via a direct link from your Google search results).  

Fortunately, pharming is relatively rare and usually targets companies rather than private individuals.

Shortly before the holiday season, cybercriminals like to send fake emails on behalf of airlines or hotels. These emails contain information about alleged booking confirmations, cancellations or urgent payment issues. You already know their goal: to get you to enter your credit card details.

More and more often, these messages also contain genuine content, such as copied content from original websites or emails. For example, they may contain flight numbers or hotel names from current offers – perhaps even ones you have recently booked.

Therefore, always check the sender's address and the URL of the linked page to expose any fraud. Sometimes the scams are also optimised for mobile devices – in which case the desktop view may reveal even more details.

The days of broken English in phishing emails or generic salutations such as ‘Dear Sir or Madam’ are gradually coming to an end. Instead, you receive fully personalised messages with your real name and correct amounts from actual transactions. Creepy?

Yes and no, because there are often explainable reasons for this: hackers know your details, for example, through data leaks, because they have hacked into your inbox or by digging through your digital footprint on the internet and social networks.

If you receive emails with such personalised information, it is best to check whether automatic forwarding is stored in your email account and, if so, delete it and change your login details immediately.

QR codes can be very practical – but because the URL stored in them is not immediately visible to the eye, they are also susceptible to manipulation. That's why it's particularly important to be careful with public QR codes (e.g. on parking meters or charging stations), as these could have been covered with fake QR codes.

Check carefully before scanning them: do the codes look like they have been stuck on or damaged? If you have scanned the QR code and are asked for your credit card or personal details, take a close look at the URL.

Find out more at iBarry(opens in new tab)

Money is and remains the main motive for most cybercriminals. In recent years, completely new business models have developed for them: from classic credit card fraud to ransomware extortion and fake online shops. The profit margins are often enormous: a ransomware attack can earn the blackmailer millions in just a few days, while the development costs of the malware remain minimal. Unfortunately, digital crime has thus become a lucrative full-time job.

Industrial espionage must also be mentioned in this context: this involves stealing trade secrets or research results in order to weaken competitors and strengthen one's own position. This can also occur in politics. This form of cybercrime is designed to function over the long term and to operate in secret. It therefore often remains undetected for years.

Of course, personal motives such as revenge, frustration or the need for recognition can also be behind cyber attacks. Such attacks are emotionally motivated and often less well thought out than more professional operations. However, they are usually more destructive because the perpetrators are prepared to cause considerable damage. Recognition within the hacker community can also be a possible motivation for finding security vulnerabilities.

And we have already mentioned it a few times on this page: your personal data is valuable. When profiling, cybercriminals collect specific information: what do you buy, where do you live, who are your friends, what are your political views? They use this information to create a profile of you so that they can then target your weaknesses or preferences. The more information they have about you, the more credible their attacks (or the attacks of their customers) will be.