Phishing: Beware of fake emails

Some SWICA customers and non-customers are currently experiencing phishing attacks. They receive emails which purport to come from SWICA. In reality, however, these emails have been sent by third parties with the aim of obtaining sensitive data. Learn more about phishing and how you can protect yourself against it.
We have recently seen evidence of phishing emails. The message and the sender simulate the appearance of a SWICA email. The recipient is asked to update his/her personal information for an outstanding refund. Clicking on the link opens a page which looks like the mySWICA customer portal. After the user has entered his/her user name and password, credit card information is requested.

What to do if you've clicked on the link and completed the form

If you have followed the prompts and provided information, you should immediately change your password on mySWICA. Open the app or the web-based version and click on "Problems logging in?" You can then reset your password. This link will take you directly to the password reset function. Access is always based on two-factor authentication using an SMS message or biometrics (facial recognition or fingerprint) on a smartphone.

If you have entered your credit card details in the phishing form, keep a close eye on your credit card transactions and, if necessary, block the credit card immediately with your provider.

How can you protect yourself?

  • Be sceptical about every email you receive. Keep in mind that the message might not have come from SWICA. Check the web address before clicking on a link or completing a form. If the domain name displayed in the browser window is not swica.ch or myswica.ch, it is likely that fraud of some kind is being attempted.
  • Be suspicious if you are asked for sensitive data (e.g. a request for payment, account information, passwords). No payment information is ever requested via mySWICA.
  • SWICA takes data protection very seriously. If you are uncertain, please call SWICA Customer Service (0800 80 90 80) or forward the email to your SWICA agency. Report the incident there and ask whether SWICA is the actual sender of the email.

What is "phishing"?

"Phishing" is a technique used by fraudsters to gain access to personal data (e.g. passwords and credit card numbers). The fraudster pretends to be a legitimate actor (e.g. the tax authorities, a bank, the police or, in this case, an insurance company). The (fake) trustworthy identity ensures that recipients are not suspicious. This is how the fraudsters get hold of sensitive data. In addition, the emails often contain a link that installs malware on the victim's computer when he/she clicks on it.

With approximately 1.5 million insured persons, approximately 27'000 corporate clients and a premium volume of 5,0 billion francs, SWICA Healthcare Organisation is one of Switzerland's leading health and accident insurers. Its product offering is available to both private individuals and companies and provides comprehensive insurance cover for medical expenses and loss of earnings due to illness and accident. SWICA is a health partner with a focus on above-average service quality and a high-quality service offering. SWICA has its headquarters in Winterthur and operates across Switzerland.

You can also follow us on our social media channels.

Facebook    Instagram     Xing     LinkedIn     Youtube     Twitter