What to do if you've clicked on the link and completed the form
If you have followed the prompts and provided information, you should immediately change your password on mySWICA. Open the app or the web-based version and click on "Problems logging in?" You can then reset your password. This link will take you directly to the password reset function. Access is always based on two-factor authentication using an SMS message or biometrics (facial recognition or fingerprint) on a smartphone.
If you have entered your credit card details in the phishing form, keep a close eye on your credit card transactions and, if necessary, block the credit card immediately with your provider.
How can you protect yourself?
- Be sceptical about every email you receive. Keep in mind that the message might not have come from SWICA. Check the web address before clicking on a link or completing a form. If the domain name displayed in the browser window is not swica.ch or myswica.ch, it is likely that fraud of some kind is being attempted.
- Be suspicious if you are asked for sensitive data (e.g. a request for payment, account information, passwords). No payment information is ever requested via mySWICA.
- SWICA takes data protection very seriously. If you are uncertain, please call SWICA Customer Service (0800 80 90 80) or forward the email to your SWICA agency. Report the incident there and ask whether SWICA is the actual sender of the email.
What is "phishing"?
"Phishing" is a technique used by fraudsters to gain access to personal data (e.g. passwords and credit card numbers). The fraudster pretends to be a legitimate actor (e.g. the tax authorities, a bank, the police or, in this case, an insurance company). The (fake) trustworthy identity ensures that recipients are not suspicious. This is how the fraudsters get hold of sensitive data. In addition, the emails often contain a link that installs malware on the victim's computer when he/she clicks on it.