The Central Bank of the Republic of San Marino, in accordance with its statutory purposes of protecting savings and the integrity of the San Marino financial system, having noted the growing threat represented by computer fraud against (also) the customers of San Marino authorized entities, announces that it has initiated actions aimed at raising the awareness of financial operators operating in the Republic, as well as trade associations, in order to promote initiatives and information campaigns on these issues.
The Central Bank of the Republic of San Marino itself will implement a special section of its website dedicated to financial education, considering that - beyond the security safeguards put in place by intermediaries - the first line of defense to counter the threats of computer fraud is the awareness by savers of the risks to which they are exposed in managing their credentials to access financial services available online.
In the meantime, the public is urged to exercise particular caution with respect to the receipt of telephone calls, text messages and e-mail communications that appear to be traceable to authorized San Marino entities, and to never provide through such means of communication information regarding access credentials to one's accounts or personal information, always checking directly with authorized entities about their location.
In fact, despite the introduction of mechanisms such as strong authentication (so-called strong customer authentication) that have made it possible to strengthen customer protections for remote purchases (via the Internet), there are other methods used by fraudsters in order to break directly into the accounts of unsuspecting customers. These include the most common ones.
Through such methods, fraudsters often use the technique of "spoofing," disguising the origin of communications (e-mail, phone calls, SMS) to make them appear to be transmitted from official channels, such as those of banks or payment institutions. The same, through psychological conditioning techniques, manipulate victims by pretending to be qualified subjects, creating urgency or threatening negative consequences.
To guard against such fraud attempts, the public is urged to:
- stay informed about popular scams and warnings from authorities;
- do not share credentials, such as PIN, or payment details. Be reminded that the intermediary will never contact customers to request their knowledge;
- use different passwords and do not save them in browsers;
- do not click on links or access sites via suspicious QR codes;
- remain calm and think before acting;
- avoid using public wi-fi networks for home banking;
- check banking transactions regularly, report suspicious transactions to your institution immediately, and ask for payment cards to be blocked;
- enable notifications of payments made.
Through such diligent behaviors, users will therefore be less exposed to the risk of being subjected to fraud, and it will also be easier to disallow unauthorized transactions and request reimbursement from their Institution.
In addition, the public is informed that it is possible to verify the presence of financial operators authorized to operate in the Republic of San Marino by consulting the registers and registries maintained by the undersigned Central Bank.
Should the initiative to initiate a contractual relationship remotely come from the San Marino customer, it is always invited to verify that the foreign financial operator has the authorizations of the relevant Supervisory Authorities as well as to consult what is reported on the website of the International Organization of Securities Commission (IOSCO)(https://www.iosco.org/i-scan/) in relation to operators who are not authorized and who offer, in the absence of authorizations, services of a financial nature with the concrete risk of being victims of fraud.
Finally, in the case of attempted fraud, it is recalled that at the Operational and Judicial Police Department of the Gendarmerie an Office for Investigations in the field of cybercrime has long been established, which has the e-mail address crimini.informatici@gendarmeria.sm. In this regard, it is noted that the active cooperation of the users is particularly important since much of the conduct related to computer crimes are characterized by ex officio prosecution and, therefore, the reports that will reach the aforementioned Office may presuppose Judicial Police investigations for subsequent transmission to the Judicial Authority.