MY ACCOUNT | NEWSLETTER |

Protecting Savings: Online Payments and Scams


The financial sector, even in Italy, ranks among the major victims of cybercriminals. According to the latest "Clusit 2023 Report on Cybersecurity", in 2022 alone, approximately 2 new phishing pages were activated daily in this area, through which scammers attempted to deceive victims into providing personal information, financial data, or access codes. Big brands like Bper Banca, Intesa Sanpaolo, and Poste Italiane are targeted by hackers. However, phishing is not the only type of cyber risk associated with banking services.

When discussing the banking world, we must distinguish between two areas:

  1. Risks for account holders, related to phishing activities aimed at obtaining credentials, personal information, and financial data. The average damage caused per individual citizen can be quite high, but when analyzed in absolute value, it generally involves many cases of relatively low value.
  2. Cyber risks indirectly involving clients. Cases of ransomware attacks on a bank, where data is encrypted and published on the internet, are numerically lower but have greater potential for damage.

Depending on the context, defending against cyber risks related to financial services can take on different aspects:

  • If a market player is affected, the defense depends on the bank's ability to implement a mix of technologies, processes, backup operations, and staff training.
  • When considering citizen-oriented scams like phishing, knowing digital risks, being cautious about what is clicked, always asking questions, and not acting hastily, bypassing any logic of control over what is requested, can be key. (Banks never ask for passwords via SMS or send emails requesting code insertion).
  • Another issue concerns risks associated with online payments, where cybercriminals tend to exploit psychologically incentivizing communication techniques, promising possible winnings or discounts. (Anything resembling a gift is a scam, so caution must be exercised and payment systems should not be used without first conducting appropriate risk comprehension checks).
  • If the risk to be contained is the abusive use of one's credentials, any form of two-factor authentication is a method of great caution (e.g., double-channel via SMS, token, etc.). However, it's important to note that multi-factor authentication can help but not save from all risks. For example, if a legitimate payment is made on a portal not under one's control, this system often doesn't work, and the money is unlikely to be recovered as these portals are often managed by offshore companies with impossible identification.

The banking world is subject to an extremely wide range of regulations aimed at maximizing system resilience: it is generally a sector less affected compared to others that have not made investments of this nature. However, it is evident that the more data a reality possesses, the more advantages a criminal can gain by attacking it, and the more they will attempt to do so. It all depends on the trade-off between the ease of the attack and the possibility of return on investment.






Like0
Dislike0
  • Please enter a comment


Name *
Email address *
Comment *


* Required fields

Information on the processing of your personal data
We inform you that, in compliance with the provisions of current national and European regulations for the Protection of Personal Data and Services of the Information Society and Electronic Commerce, by sending us this form you are expressly giving your consent to Grupo Asís Biomedia , SL, (hereinafter, "ASIS GROUP") so that, as the person in charge, it may process your personal data in order to respond to your request for contact and information by electronic means.

Likewise, when you expressly consent, we will process your personal data to send you specialized information, newsletters, offers and exclusive promotions from GRUPO ASIS and related companies.

For the aforementioned purpose, GRUPO ASIS may transfer your data to other companies linked to GRUPO ASIS or to third party service providers for the management of electronic communications and other security services, even in cases where they are outside of the European Union, provided that they legally guarantee the adequate level of protection required by European regulations.

At any time you can withdraw the consent given and exercise the rights of access, rectification, deletion, portability of your data and limitation or opposition to its treatment by contacting GRUPO ASIS by sending an email to protecciondatos @ grupoasis.com, or by written communication to address at Centro Empresarial El Trovador, 8th floor, office I, Plaza Antonio Beltrán Martínez 1, 50002, Zaragoza (Spain), indicating in either case the Ref. Personal data and the right you exercise, as well as attaching a copy of your ID or replacement identification document.


I have read and accept the treatment of my data according to the informed purpose and according Legal notes and the Privacy Policy
I wish to receive commercial information from GRUPO ASIS and related companies



More news

Respiratory Viruses? Now They Can Be Neutralized With Electromagnetic Waves. e4life Devices Take Centre Stage at Arab Health in Dubai

Like2
Dislike0

CityVet Honored as One of the Best Places to Work in 2025, a Glassdoor Employees’ Choice Award Winner

Like0
Dislike1

2024 WSAVA guidelines for the vaccination of dogs and cats

Like0
Dislike0

Performance of a point of care glucometer for detection of hypoglycaemia in horses

Like0
Dislike0

Characterization of lipofuscin-like cytoplasmic inclusions in canine blood leukocyte

Like0
Dislike0

Newsletter

 
 

News of interest

EVENTS

Copyright © 2025 - All Rights Reserved
ISSN 2768-198X

Top