Meridiano Insurances Awareness
More and more organisations are victims of identity theft by hackers. Using various social-engineering techniques, these agents deceive users into thinking they received lawful communication and taking some action: clicking on a link, sharing personal data, downloading a file, etc.
In this way, without realising it, users are the target of an attempted fraud which, if it succeeds, will result in information theft, a money scam or the infection of their devices with some type of malware.
Can Meridiano Insurances be impersonated?
As with any other entity, cyber attackers can impersonate Meridiano Insurances through the three main communication channels used by companies and organisations to contact customers and users:
- Via email: Phishing
- Via a phone call: Vishing
- Via SMS: Smishing
General features
These fraud attempts are always characterised by an urgency to act: update personal and financial data to renew a subscription, troubleshoot a user account, make a payment or receive a refund due to an alleged mistake, download an invoice or receipt, etc.
To make the message credible and make the user fall into the trap, attackers imitate the sender and its appearance, using the name, logos, signatures, etc. of the impersonated organisation, and even creating a fake website. In addition, in the case of vishing, they may also have collected information from the victim to gain their trust.
Because the user believes that they must do what is requested as soon as possible in order not to lose something, they are very unlikely to stop and think about whether it is a fraud, since at a glance everything seems to be lawful.
However, these frauds are not perfect and, if we take into account a number of details, we can identify them. Depending on the channel used, we shall consider:
Phishing
- The sender's domain: it is usually very similar to the original one, but with some letters or symbols that change it slightly.
- The way the recipient is addressed: since these emails are usually sent in bulk, they will usually address us in a generic way, without using our name, which does not usually happen with lawful messages.
- The language: they usually contain writing mistakes, because in many cases they are automatic translations of emails written in other languages. In this way, we can find semantic, spelling, grammar mistakes, strange symbols in the middle of a word, poorly-constructed sentences, etc.
- Links: these are usually shortened or included in buttons so that the original link cannot be seen at first glance. As this is a fairly common practice that is also used in lawful emails, we can place the cursor on the link to see the original one, or copy and paste it into the browser without opening it. In addition, many of these links start with ‘http’ instead of ‘https’, which shows they are not safe and should already make us suspicious. However, attackers are becoming more sophisticated and can include that ‘s’, so this is no longer a very reliable indication of legitimacy.
- Attachments: when the goal is to infect a device, it is very common to attach a file hiding malware, disguising it as an important document for the user. Therefore, before downloading anything, it is essential to confirm the legitimacy of the message.
Vishing
- Phone number: it is a number we do not know and, probably, our device will warn us it may be spam. In this case, before answering the call, you should search the number on the internet to see if there are any negative reviews about it.
- They have information about us: unlike mass phishing emails, the cyber attacker usually collects information about the victim previously, such as their first and last name, email or address.
- What they want from us: using the confidential information they already have, they gain the trust of the victim and then ask for the data the hackers need, which a legitimate caller would already have and would not request again.
Smishing
- How the recipient is addressed: many of these messages do not include any kind of greeting addressed to the user and, if they do, as happens with phishing, it will be very generic, such as “Hello”, “Good afternoon” or “Dear customer”.
- Links: fraudulent SMS texts usually contain links that you are asked to open under some pretext. These can appear in two ways: shortened, so that we do not see the original link at first glance, or shown in full but containing variations with respect to the actual links.
- Language: these SMS also often contain errors in writing, many of them due to a poor translation from another language.
How to tell the difference between real Meridiano Insurances communication and an attempted fraud.
In case of being allegedly contacted by Meridiano Insurances or some of the enterprises within the company, the following must be taken into account:
- The company has established authorised communication channels. Check the sender of the email or phone number that has contacted you and make sure it belongs to Meridiano Insurances. In the case of an email sender, remember that it can be very similar to the authorised one but with some differences.
- If the text received contains a link, before clicking on it make sure it is one of Meridiano Insurances approved links. If in doubt, do not click on it.
- At Meridiano Insurances we never ask our clients for confidential information they have already shared with us before, especially bank details. Only in certain cases and to verify the identity of the client, they will be asked for some numbers, but never all the numbers of a bank card or IBAN, because we already have them.
- In no case do we ask a client to carry out an urgent procedure by email or SMS.
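The sender-domain and link checks described under "Phishing" and in the list above can be automated, for example in a mail filter. The following is an added example, not Meridiano Insurances code: the approved domain and the shortener list are constructed placeholders, since the page does not list the real approved channels.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed placeholders: the page does not list the real approved domains.
APPROVED = {"meridiano-insurances.example"}
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com"}  # illustrative sample only


def edit_distance(a, b):
    """Levenshtein distance, used to spot hosts that differ by a few characters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_host(host):
    """Return 'approved', 'lookalike' or 'unknown' for a host name."""
    host = host.lower().rstrip(".")
    if any(host == good or host.endswith("." + good) for good in APPROVED):
        return "approved"
    for good in APPROVED:
        brand = good.split(".")[0]
        # A few changed characters, or the brand name reused under another domain.
        if edit_distance(host, good) <= 2 or brand in host:
            return "lookalike"
    return "unknown"


def check_sender(from_header):
    """Classify the domain of the real address, ignoring the display name."""
    _, addr = parseaddr(from_header)
    return classify_host(addr.rpartition("@")[2])


def check_link(url):
    """List the warning signs the page describes for a link."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    findings = ["not-https"] if parts.scheme != "https" else []
    if host in SHORTENERS:
        findings.append("shortened")  # real destination is hidden
    elif classify_host(host) != "approved":
        findings.append("host-" + classify_host(host))
    return findings
```

An empty list from `check_link` only means none of these signs were found; as the page notes, an ‘https’ link on a lookalike host is still flagged by the host check, not by the scheme.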
What should I do if I receive a suspicious email?
If the information above makes you doubt the legitimacy of the email, SMS or phone call, do not share any personal data or interact with the message. Collect, if possible, all the information you have about this communication and contact Meridiano Insurances immediately through one of its approved channels.
Finally, if it has been an attempted fraud, delete the email or SMS received and block the sender or phone number through which you have been contacted.