Print this page | Close window
Federal Department of Defence
Civil Protection and Sport

Phishing, fraud and ransomware on the rise – 14th MELANI semi-annual report

In the second half of 2011, the Reporting and Analysis Centre for Information Assurance (MELANI) observed an increase in phishing attacks, attempted fraud and ransomware. This and other information is included in the semi-annual report published today.

Attacks from cyberspace are becoming technically more sophisticated. Human beings are still the greatest risk, however, for instance due to negligently or intentionally incorrect operation. The current semi-annual report of MELANI examines issues such as the various types of fraud and attacks occurring in the second half of 2011.

Attacks by purported IT support

Phishing attempts against e-mail providers and credit card companies became more frequent in the last six months of 2011. Calls from purported employees of Microsoft and other IT companies especially grabbed the media's interest. The scammers claim to be support staff of the company in question. They refer to error messages that supposedly can only be remedied if the victims give the company remote access to their computers. If access is granted, the attackers have the same options to manipulate the computer as if they were sitting directly at the computer. For instance, credit card data can be stolen.

Attempted fraud using hacked e-mail accounts

Attacks on e-mail accounts are often observed in waves. If the attackers succeed in hacking e-mail accounts, they have access to all the addresses saved in the contact lists. They then send e-mails to these addresses in the name of the actual account holder, claiming for instance that the account holder is stuck in a foreign country because his money and passport have been stolen. The senders then request that money be transferred to pay the hotel bill and the trip home.

Extortion using ransomware

Particularly insidious malware has been circulated on the Internet since April 2011: On the infected computers, it displays a message purportedly from the Federal Criminal Police Office of Germany, claiming that illegal software has been found on the computer. If the demanded fine of 100 euros is not paid, the computer would be blocked and the hard disk formatted. This malware with a demand for ransom, called ransomware, was also seen in Switzerland in November 2011. The version circulating in Switzerland misused the logo of the Federal Department of Justice and Police (FDJP).


Already in the last semi-annual report, MELANI reported in detail on the machinations of cyberactivists. The group called "Anonymous" in particular has frequently caused a stir. The group consists of Internet activists from around the world who demonstrate for a free Internet and against government controls. The current semi-annual report contains a detailed analysis of the advantages and disadvantages of the open structure favoured by cyberactivists in general and by "Anonymous" in particular. 

The MELANI semi-annual report 2011/2 is available at:

Address for enquiries:
Max Klaus, Deputy Director of MELANI
Federal IT Steering Unit FITSU
031 323 45 07
Federal Department of Defence, Civil Protection and Sports DDPS
For questions about this page: DDPS Communications
Print this page | Close window