Malware instead of a severe weather app: Warning about these fake letters

Carsten Dörges

14.11.2024

Fraudsters are currently sending letters with MeteoSwiss as the sender. Recipients are supposed to download a new "severe weather warning app" via a QR code. But there's a nasty phishing scam behind it.
Image: X/MeteoSchweiz

Fraudsters are currently sending letters with MeteoSwiss as the sender. Recipients are supposed to download a new "severe weather warning app" using a QR code. But this is a nasty phishing scam.

No time? blue News summarizes for you

  • Fake letters are currently being sent with MeteoSwiss as the sender.
  • The letters ask recipients to install a new "severe weather warning app".
  • However, the QR code shown in the letter only leads to the download of malware called "Coper".
  • This software is also capable of stealing access data from e-banking apps.

Once again, criminals are trying to obtain data from Swiss citizens. The "Federal Office for Cybersecurity" (BACS), the "Federal Office of Meteorology and Climatology MeteoSwiss" and the "Federal Office for Civil Protection" are currently warning of letters purporting to come from the Federal Office of Meteorology and Climatology.

The letters ask recipients to install a new "severe weather warning app". "In view of the increasing frequency and intensity of storms in Switzerland, we, the Federal Office of Meteorology and Climatology, would like to ensure your safety and that of your family," the fraudulent letters state.

However, there is no such federal app with the name mentioned. Instead, the QR code shown in the letter leads to the download of malware called "Coper" (also known as "Octo2"). When the supposed "severe weather warning app" is installed, the malware attempts to steal sensitive data such as access data from e-banking apps.

The malware only affects smartphones running the Android operating system. Once downloaded, it appears on the phone as an "AlertSwiss" app that clearly differs from the real app in both its spelling ("AlertSwiss" instead of "Alertswiss") and its logo (a rectangular logo in a white circle on the fake app, a round logo on the real app).

The real Alertswiss app from the Federal Office for Civil Protection, on the other hand, is an app for informing, warning and alerting the population, which is used by federal and cantonal authorities.

"If you have received such a letter, you can send it to the BACS digitally using the reporting form," writes MeteoSwiss. This will help you to take appropriate defensive measures: "You should then destroy the letter". Initial defensive measures have already been taken.

If the app has already been downloaded and installed, users should reset the affected smartphone to the factory settings.