- What is malware, and what do "drive-by" and "phishing" mean?
- Why does SWITCH take action with regard to malware and phishing on .ch websites?
- What happens when .li domains are misused?
- What is the procedure for domain names that are being misused? What deadlines are involved?
- Will my details be published anywhere?
- Will my details be forwarded to the authorities?
SWITCH's Safer Internet website answers the burning questions on security and explains the dangers facing domain name holders and website owners.
Websites that are misused for drive-by infections or phishing represent a major threat to anyone who visits them. Websites with .ch and .li domains are not immune to this kind of misuse by cybercriminals. The Ordinance on Internet Domains (OID) gives SWITCH the power to deactivate domain names temporarily in order to protect Internet users. In fact, SWITCH is legally obliged to block domain names when instructed to do so by the authorities.
The procedure for .li domains spreading malware is similar to that for .ch domains. It is based on SWITCH's General Terms and Conditions.
A description of the procedure, including all the deadlines involved, can be found in this document.
SWITCH does not publish details of infected websites. It merely informs the registrar, the domain name holder and the technical contact. The hosting provider or Internet service provider may also be informed in some cases so that they can help to remove the infection. SWITCH handles all client data in accordance with the Data Protection Act.
If the drive-by or phishing code is removed from a compromised website within the stated deadline, SWITCH does not inform the authorities.
It only informs them when the drive-by code or phishing site has not been removed and the domain name holder has responded to a request for identification.
If you have any questions concerning infected .ch and .li websites, please send them to the Safer Internet contact point. You can also use this address to report infected .ch and .li websites.