On 13 April 2026, Switzerland’s federal cyber authority launches a national campaign against AI phishing – but for SMEs, awareness alone cannot close the operational gap that large language models, deepfake voices, and real-time credential theft have torn open.
—
Switzerland’s Federal Office for Cybersecurity – the BACS, formerly known as the NCSC – kicks off this year’s S-U-P-E-R.ch campaign on 13 April 2026 under the banner «SUPER, oder?» (roughly: «SUPER, right?»). For four weeks through 10 May, the campaign aims to raise awareness of AI-powered phishing among the public and businesses. The timing is deliberate: the BACS semi-annual report for the second half of 2025, published on 30 March 2026, documents that internationally operating threat groups are increasingly individualizing their attacks using artificial intelligence.
For Swiss SMEs, this signal carries an uncomfortable asymmetry. The campaign targets individual vigilance – the moment an employee spots a suspicious link, the moment a CEO questions a cloned voice on the phone. But precisely this human detection capability no longer works reliably against AI-generated attacks. A 2025 iProov study found that only 0.1 percent of participants correctly identified all deepfake content. Seventy percent said they could not confidently distinguish a real voice from a cloned one. Any organization that stakes its phishing defense on human pattern recognition is building on a foundation that AI systematically erodes.
The new quality of attacks
The shift is not gradual. It is structural. Three developments mark the break.
First, spear-phishing scales. What once required manual research and individually crafted text, large language models now produce in minutes. AI scans social media profiles, company websites, and professional networks to generate thousands of individually tailored messages. The output is not identical emails but slightly varied versions that evade traditional spam filters more effectively. CEO fraud becomes more convincing because communication patterns, typical phrasing, and even references to ongoing projects flow into the message.
Second, deepfake voices and video have become cheap. Voice-cloning technology now needs 20 to 30 seconds of recorded audio for convincing results; some platforms achieve passable output from three seconds. Deepfake-as-a-Service platforms have democratized executive impersonation. In the canton of Schwyz, attackers used manipulated audio mimicking a trusted business partner to convince an entrepreneur to wire several million francs to an account in Asia.
Third, attacks are becoming adaptive. AI systems analyze in real time how a target responds and adjust the conversation dynamically. If the target asks a follow-up question, the AI generates a plausible answer immediately. The attack unfolds as a dialogue and feels like a genuine conversation. The BACS documents this technique as «double phishing» – attackers exploit a phishing incident that just occurred to victimize the target again by phone.
The Swiss numbers
The BACS semi-annual report for the second half of 2025 provides the quantitative frame. During that period, 29,006 voluntary incident reports were submitted, 52 percent of them in the «fraud» category. Since the introduction of the mandatory reporting obligation under the ISG – Switzerland’s Information Security Act, which took effect on 1 April 2025 – the BACS has recorded a total of 325 reportable cyber incidents against critical infrastructure, of which 145 fell in the second half of 2025. Hacking accounted for 20 percent of attack types, DDoS for 16 percent, and credential theft for 12 percent.
One figure stands out: reports in the «advertising for online investment fraud» category quintupled to 3,485 compared with the same period a year earlier. And from summer 2025, so-called «SMS blasters» appeared in Switzerland for the first time – devices that simulate mobile cell towers and send malicious text messages directly to nearby phones, bypassing carrier-level filters entirely. The cost of attack drops; the reach grows.
These figures collide with a second finding that the BACS repeats consistently across its situation reports: the human factor remains the decisive lever, but simultaneously the least reliable control layer. Organizations that address cybersecurity primarily through training are, in effect, shifting risk onto every single employee – at a moment when attack quality systematically outpaces detection ability. The BACS’s own Cyber Security and Resilience Method (CSRM) addresses exactly this point: it demands a combination of technology, process, and people across five defined steps and, when properly implemented, covers most requirements of the national ICT minimum standard.
What SMEs must implement now
Awareness remains one building block, but without technical and procedural controls it is ineffective. The following five measures are prioritized by urgency.
1. Harden the email security stack
Email remains the primary attack vector. Any organization that has not published SPF and DKIM and moved its DMARC policy to enforcement is allowing attackers to send messages in its name. DMARC in «none» or «quarantine» mode is a monitoring tool, not a defense. Only «reject» blocks spoofed senders effectively.
Beyond authentication, SMEs need email filters capable of detecting LLM-generated content. Traditional rule-based spam filters fail against individualized, grammatically flawless phishing messages. Modern solutions analyze behavioral patterns – does this sender normally write at this time, in this tone, with this type of attachment? Moving from signature-based to behavior-based detection is the single largest lever against AI-driven phishing.
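An added example, not campaign material or a BACS tool, that grades a DMARC TXT record the way this section does: only p=reject counts as enforcement, and a weaker subdomain policy (sp) or a partial rollout (pct) drops the record back to monitoring. The domain names and records are constructed samples; a real check would fetch the TXT record at _dmarc.<domain> from DNS.

```python
"""Classify a DMARC record as missing, monitoring-only, or enforced.

Added example for this article, not BACS tooling. Records are constructed
samples; a real check would read the TXT record at _dmarc.<domain>.
"""
from __future__ import annotations

# Constructed sample records for hypothetical domains (not real lookups).
SAMPLE_RECORDS = {
    "monitor-only.example": "v=DMARC1; p=none; rua=mailto:dmarc@monitor-only.example",
    "quarantine.example": "v=DMARC1; p=quarantine; sp=none",
    "half-enforced.example": "v=DMARC1; p=reject; pct=50; rua=mailto:dmarc@half-enforced.example",
    "enforced.example": "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:dmarc@enforced.example",
}


def parse_dmarc(record: str) -> dict[str, str]:
    """Split 'tag=value; tag=value' into a dict with lower-cased tag names."""
    tags: dict[str, str] = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record: str) -> tuple[str, list[str]]:
    """Return (verdict, findings); verdict is 'missing', 'monitoring' or 'enforced'."""
    tags = parse_dmarc(record)
    if tags.get("v", "").upper() != "DMARC1":
        return "missing", ["no valid v=DMARC1 tag: spoofed mail is not evaluated at all"]
    policy = tags.get("p", "").lower()
    sub_policy = tags.get("sp", policy).lower()      # sp defaults to p (RFC 7489)
    pct = int(tags.get("pct", "100"))                # share of failing mail the policy covers
    findings = []
    if policy != "reject":
        findings.append(f"p={policy or 'absent'}: spoofed mail is not rejected")
    if sub_policy != "reject":
        findings.append(f"sp={sub_policy or 'absent'}: subdomains can still be spoofed")
    if pct < 100:
        findings.append(f"pct={pct}: policy applies to only {pct}% of failing mail")
    if "rua" not in tags:
        findings.append("no rua tag: no aggregate reports to confirm SPF/DKIM alignment")
    enforced = policy == "reject" and sub_policy == "reject" and pct == 100
    return ("enforced" if enforced else "monitoring"), findings


if __name__ == "__main__":
    for domain, record in SAMPLE_RECORDS.items():
        verdict, findings = assess_dmarc(record)
        print(f"{domain}: {verdict}" + "".join(f"\n  - {f}" for f in findings))
```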
Timeline: DMARC enforcement within 30 days. Evaluation of behavior-based email security within 60 days.
2. Deploy phishing-resistant MFA
Multi-factor authentication is directly under fire. The BACS documents real-time phishing against banking applications: attackers harvest credentials including MFA codes through fake login pages in real time, before the codes expire. SMS-based one-time passwords and authenticator apps do not protect against this technique, because the code is relayed to the attacker the instant the victim enters it.
Only FIDO2/WebAuthn-based methods are phishing-resistant – hardware security keys or passkeys. These bind authentication cryptographically to the legitimate domain: the credential is scoped to that domain, and the browser will not present it to any other. If an employee lands on a spoofed page, authentication fails because the credential is bound to the real domain, not the one the page is on. No human judgment required. No real-time bypass possible.
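Why a relayed login attempt fails against a passkey, as an added illustration that is not code from the BACS report or from any WebAuthn library: it models only the relying party's two domain-binding checks on an assertion (the origin the browser wrote into clientDataJSON and the rpIdHash in authenticatorData). The signature check is left out on the assumption that it would pass, and the domain names and challenge are constructed.

```python
"""Relying-party checks that make a WebAuthn assertion useless off-domain.

Added illustration for this article, not a WebAuthn library. Models only the
origin and rpIdHash binding checks; signature verification is omitted.
"""
import base64
import hashlib
import json

EXPECTED_RP_ID = "bank.example"            # hypothetical relying party
EXPECTED_ORIGIN = "https://bank.example"
UP_FLAG = 0x01                              # user-present bit in the flags byte


def base64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def client_data_json(page_origin: str, challenge: bytes) -> bytes:
    """The browser, not the page's own script, writes the origin it is on."""
    return json.dumps({"type": "webauthn.get",
                       "challenge": base64url(challenge),
                       "origin": page_origin}).encode()


def authenticator_data(rp_id: str) -> bytes:
    """SHA-256(rpId) || flags || signCount. The browser only permits an rpId
    that is a registrable suffix of the page's own origin."""
    return hashlib.sha256(rp_id.encode()).digest() + bytes([UP_FLAG]) + (1).to_bytes(4, "big")


def verify_assertion(client_data: bytes, auth_data: bytes, challenge: bytes) -> tuple[bool, str]:
    """Server-side checks that run before the signature is even considered."""
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if cd.get("challenge") != base64url(challenge):
        return False, "challenge mismatch: not the challenge issued for this login"
    if cd.get("origin") != EXPECTED_ORIGIN:
        return False, f"origin {cd.get('origin')!r} is not {EXPECTED_ORIGIN!r}"
    if auth_data[:32] != hashlib.sha256(EXPECTED_RP_ID.encode()).digest():
        return False, "rpIdHash does not match this relying party"
    if not auth_data[32] & UP_FLAG:
        return False, "user presence not asserted"
    return True, "ok"


def login_from_page(page_origin: str, page_rp_id: str, challenge: bytes) -> tuple[bool, str]:
    """Complete the ceremony on a given page; the result reaches the real
    relying party either directly or forwarded by a look-alike site."""
    return verify_assertion(client_data_json(page_origin, challenge),
                            authenticator_data(page_rp_id), challenge)
```

Contrast this with an SMS or app-generated code, which carries no origin at all and is therefore accepted no matter which page the user typed it into.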
Timeline: Pilot for privileged accounts (executive team, finance department, IT admins) within 60 days. Organization-wide rollout within six months.
3. Make out-of-band payment verification mandatory
CEO fraud and deepfake voice calls target a single moment: the authorization of a payment under time pressure. The most effective countermeasure is not training but a binding process. Every payment instruction above a defined threshold – CHF 5,000 is a reasonable starting point, adjusted by company size – must be confirmed through a second, independent channel. Specifically: anyone who receives a payment instruction by email or phone calls the alleged sender back on a number stored in advance. Not the number in the email. Not the number on the caller display.
This process must be documented in writing, signed by the executive team, and rehearsed in the finance department. It protects even when the deepfake voice sounds perfect, because the callback on the stored number reaches the real person.
Timeline: Immediately actionable. Written directive within one week.
4. Know and use the reporting channels
The BACS provides two central reporting channels: antiphishing.ch for suspicious messages and meldeformular.bacs.admin.ch for cyber incidents that fall under the ISG mandatory reporting obligation. Both channels are open to SMEs, not only to critical infrastructure operators or private individuals. Every reported phishing URL is analyzed by the BACS and can lead to the takedown of the fraudulent page.
Internally, every SME needs a clear, low-barrier reporting path. Employees must know where to forward a suspicious email without fear of blame. A shared mailbox such as phishing@company.ch, combined with a simple rule – «when in doubt, report, never click» – lowers the threshold. Anyone who reports phishing is not questioned about why the email was opened.
Timeline: Internal reporting mailbox within one week. Staff briefing on external BACS channels within 30 days.
5. Establish a deepfake voice verification protocol
Neither trained ears nor real-time voice analysis tools reliably detect deepfake audio in everyday use. What works is a protocol: when a phone call carries financial or security-relevant instructions, the recipient poses a pre-agreed challenge question whose answer cannot be derived from public sources. Alternatively, the call is terminated and the recipient calls back through the stored channel.
This protocol sounds simple. It regularly fails because of corporate culture. If the CFO considers it «rude» to call the CEO back for verification, the control breaks down. The executive team must explicitly legitimize and model this behavior.
Timeline: Protocol definition within two weeks. Communication to all employees with payment authority within 30 days.
Pitfalls that create a false sense of security
«Our awareness training is enough.» If 99.9 percent of people cannot reliably identify deepfakes, training is a necessary but insufficient measure. Training sharpens attention. Technical controls catch what attention misses.
«SMS OTP counts as MFA.» SMS-based one-time passwords are better than no MFA, but they are ineffective against real-time phishing. The BACS documents the technique in detail: credentials including MFA tokens are intercepted and replayed in real time. Only FIDO2/WebAuthn qualifies as phishing-resistant.
«Our CFO would recognize CEO fraud.» The deepfake case from the canton of Schwyz proves otherwise. Even experienced executives fall for manipulated audio because they believe they know their business partner’s voice. A mandatory verification process replaces personal judgment with structured control.
«antiphishing.ch is only for private individuals.» The portal is open to everyone. Every reported URL increases the probability that the phishing page is taken down quickly. SMEs that actively encourage employees to report contribute to collective defense.
«We are too small to be a target.» AI-driven phishing scales. What once paid off only against large enterprises now hits five-person businesses, because the cost per attack approaches zero. The BACS statistics confirm it: ransomware and fraud strike Swiss organizations of all sizes opportunistically.
The signal and the gap
The S-U-P-E-R.ch 2026 campaign addresses the right topic. AI-powered phishing is the dominant threat facing Swiss businesses, and the BACS is bringing it to public attention. But attention alone does not close a security gap. The BACS itself states it clearly in the semi-annual report: resilience emerges where collaboration, vigilance, and technology work hand in hand.
For SMEs, the campaign is the signal. The operational work – enforcing DMARC, rolling out FIDO2, anchoring verification processes, establishing reporting channels – falls to the organization itself. Any company that emerges from four weeks of campaigning with nothing more than sharpened awareness but no hardened controls has not understood the asymmetry. AI-powered attackers are getting better. The defense must get better faster.