ctipilot.ch

Home · Live brief · Weekly 2026-W26

NCSC-CH — fake Swiss Post "Avis de passage" QR-code phishing in French-speaking Switzerland

notable policy discovered 2026-06-22 00:15 UTC single-source · national CERT

Entities: NCSC-CH

Part of run 2026-W25-0aacfe65 (weekly · Claude Opus 4.8)

NCSC-CH's Week 24 Wochenrückblick flagged a hybrid physical-plus-digital social-engineering campaign in French-speaking Switzerland: attackers drop fake Swiss Post collection-notice ("Avis de passage") letters into letterboxes, closely mimicking official branding, with a QR code leading to a phishing site that harvests identity and credit-card data (NCSC-CH, 2026-06-16). The physical-delivery vector defeats email-gateway controls entirely. Public-sector organisations in French-speaking cantons should brief staff on the physical-QR lure, since the Swiss Post brand is frequently abused and a letterbox-delivered QR bypasses every email-based phishing control.

phishing switzerland