Swissquote, a prominent online trading platform known for its crypto-friendly Yuh app, is facing increased scrutiny from Swiss regulators due to a surge in impersonation and fraud attempts targeting its platforms. The Swiss Financial Market Supervisory Authority (FINMA) has ordered Swissquote to take measures to curb these malicious activities.

In the first half of 2025, over 600 websites impersonating Swissquote or employing fraudulent login portals were detected. These websites aim to steal personal details, such as usernames and passwords, or to trick users into making inappropriate actions like initiating unauthorized payments. Scammers often target victims through social media and dating websites. They may also impersonate a CEO or CFO to deceive individuals into paying fake invoices or revealing sensitive data.

CEO of Swissquote, Marc Buerki, stated that FINMA sent an annual assessment letter earlier in 2025, instructing Swissquote to decrease the number of reports it submits to the country's money laundering reporting office. Buerki highlighted that the Yuh platform, operated in partnership with state-owned lender PostFinance AG, is a significant target for fraud campaigns. However, he clarified that Swissquote's core systems have not been compromised.

Buerki attributed the increase in attacks and fraud attempts to the rise of AI. He also noted that much of the suspicious activity originates from abroad, which makes it more difficult to control.

FINMA has been warning financial institutions about the growing risks of cybercrime, with reports of successful or partially successful attacks increasing by 30% compared to the previous year. Other financial institutions have also been affected; UBS Group AG had data from over 130,000 staff exposed on the darknet after a cyberattack on a procurement service provider. ABN Amro NV and Banco Santander experienced data breaches following hacks at external suppliers last year.

Swissquote is regulated by top-tier regulators, including FINMA in Switzerland and the Financial Conduct Authority (FCA) in the UK. These regulators require strict adherence to rules designed to protect client money, including segregation of client funds from operational funds, fair fees and prices, and transparent trade execution. Non-compliance can result in the loss of operating licenses.

Swissquote provides guidance to its customers on how to identify and avoid scams. The company advises users to be suspicious of communications asking for account credentials or card details, or directing them to unofficial websites. Swissquote emphasizes that it will never ask customers for their account credentials or card details via phone, email, or SMS and never sends emails with links to login pages. The company also advises its users to enable two-factor authentication.

If a user suspects they have been targeted by a scam, Swissquote recommends logging into their account to change their password, locking their Swissquote card via the app, contacting their Customer Care Center, and reporting the fraud attempt to phishing.report@swissquote.ch.