Warning: Malware and phishing e-mails with “SBB” as the sender.
There have been more malware and phishing e-mails going around with fake SBB sender addresses. These e-mails try to get customers to visit what purports to be an SBB website. The fraudsters’ objective is to obtain personal information such as logins or credit card details or to infect your computer or your smartphone with malware.
SBB never sends unsolicited e-mails asking customers to reveal or amend passwords or credit card details. Unfortunately, SBB names and e-mail address are often misused and given as senders of these phishing e-mails. In reality, these messages come from fraudsters who are faking these sender details. We advise you to be extremely cautious if you receive unexpected e-mails.
Tips if you receive a suspicious message:
- If you are at all suspicious, delete the e-mails or report them to the National Cyber Security Centre (formerly Reporting and Analysis Centre MELANI)
- Be wary of unsolicited or unexpected e-mails you receive. Compare the name and the sender because these details often do not match if the e-mail is fraudulent.
- Never click on attachments or links in suspicious e-mails.
- Never share personal details, login information or credit card details in response to one of these e-mails. SBB will never ask for your security details (e.g. your password), be it by e-mail, smartphone message or telephone.
- Often recipients are given the impression that urgent action is needed so that they react to the message without thinking instead of critically examining the content of the e-mail. If you have any suspicions, you can contact SBB Rail Service at any time on 0848 44 66 88 (CHF 0.08/min.). SBB staff will help you if you are unsure of what to do.
- SBB will never ask you by e-mail or phone to install any software on your computer or smartphone or open attached files.
- Large trustworthy firms are often misused to commit fraud. Look out for similar scams from other senders.
Security recommendations.
Only download SBB smartphone apps via the App Store (for Apple devices) or the Google Play Store (for Android devices).
Protect your computer by using up-to-date antivirus software, a firewall and other virus protection systems. Install updates for these programs regularly. Always keep your system right up-to-date. Install the security updates provided for your operating system, browser, e-mail program and other programs and apps you use.
For more information about malware and phishing e-mails, dangers on the internet and how to protect yourself, visit the following sites:
- National Cyber Security Centre NCSCLink opens in new window.
- Form for reporting cyber threats to individuals and firmsLink opens in new window.
- Online security check and tips from the Swiss Internet Security AllianceLink opens in new window.
Examples of malware and phishing e-mails.


