Identity, personal data, networks, devices, social networks: here are some suggestions to help you use the internet safely and intelligently.


  • Do not use telephone numbers, addresses or other personal information as passwords. Someone could use this information to gain access to your account;
  • Never accept the prompt by your browser asking if you want it to save your passwords automatically: it’s a risky habit in terms of protecting data;
  • In choosing a password, it’s a good idea to think of an easy combination of words to remember plus a combination of numbers and special characters;
  • Never use the same password for more than one account or service. It’s helpful to use an online password manager or create your own personal algorithm to remember your passwords.

Saved data

  • It’s a good idea only to save data that is strictly necessary, and to delete all data not being used from all your devices;
  • It’s also important to back up your data, preferably on an external hard disk, or alternatively store using a cloud-based solution, so you can recover the information at any time if necessary.

Online behaviour

  • Use a different email address for each situation (e.g. for bank accounts, company accounts, newsletters, etc.);
  • Change the passwords for the email addresses you use to exchange information with the Bank;
  • Make sure you always log out from your account when using another device;
  • Beware of any email, text message, or WhatsApp chat message asking you to provide sensitive data or your credentials; institutions generally don’t ask you for such information in this way;
  • Be very careful of any offers received or read online. It is generally a better idea to use trusted e-commerce websites rather than picking one at random.

Financial information

  • Avoid carrying out banking operations and sending other sensitive information using a public Wi-Fi network. If you are using public Wi-Fi, it’s a good idea not to do anything that involves entering one of your passwords;
  • Make sure the website you’re using is secure – you know it’s secure if the letters "https" are found at the start of the – before executing a financial transaction of any kind.


  • Use the text message or email alert service to be notified each time your credit card is used, which enables you to see immediately if there have been any suspicious movements;
  • If you access your bank accounts online, it’s advisable to check your account statements and card movements at least once a week, to check there have been no suspicious transactions. Be wary of small movements in particular, which are less easy to notice and which can therefore conceal instances of fraud.

Keep your eyes open for possible instances of fraud

  • Make sure you store the data for the credit card you have received from the Bank safely, to prevent others from being able to steal your personal information;
  • When you need to share your credit card number, it’s advisable to check first who needs to know it, and don’t disclose any data if you are unsure;
  • Don’t save photos of cheques (even blank cheques) or sensitive codes for your credit card on your smartphone, or send them to others; it’s much easier to duplicate your payment instruments with this kind of information in hand.
  • Update your operating system regularly to ensure your computer is protected from the latest threats, and clear unnecessary files from your phone, to make it easier to protect it;
  • Protect your PC and smartphone using a good antivirus or anti-malware programme, and run regular scans for spyware. Install a personal firewall to protect your mobile devices from direct attacks;
  • urn your computer off when not using it. If you leave it in standby mode, and hence connected to the internet, you are increasing the amount of time in which it’s exposed to possible unauthorized attacks;
  • Before disposing of an old device, make sure you’ve made all information stored on it illegible; data can be erased through a magnetic procedure or by using dedicated software applications. For smartphones, carry out a factory reset, which will restore it to its initial condition;
  • Delete any emails from unknown sources, avoid downloading files from unsafe websites, and be careful of pop-ups or random announcements that could open the door to viruses or other programmes that could damage your devices;
  • Pay attention to whoever is sitting or standing next to you in public places or on public transport. Some people might try to read your private information off your device’s screen.


  • Only download apps from the online stores: some apps can share personal data or even GPS positions;
  • Check and configure the privacy settings of the apps you download: always choose the option to share the smallest quantity of data possible;
  • Disable auto upload to cloud options, and always choose which information you want to upload on remote servers;
  • Set content filters so that children cannot inadvertently download apps with inappropriate or harmful content.
  • Don’t share personal information on social networks: lots of hackers use combinations of personal data such as names of children, addresses and other details to work out passwords and access them;
  • Always use the highest privacy settings to ensure that your personal data doesn’t end up in the hands of criminals. It’s also worth bearing in mind that privacy settings are updated continuously, so it’s a good idea to check your settings regularly;
  • Don’t accept requests for friendship from people you don’t know; use your personal profile to maintain relations with “real” friends. If suspicious users start to behave invasively, remember that social networks allow you to block users who don’t respect your privacy;
  • Be suspicious of any “friends” who say they are in difficulty or ask for financial help. If you’re worried about them, contact them personally and make sure it’s not a fake;
  • It’s a good idea to activate two-stage authentication for your accounts on those social networks that allow it. Two-stage authentication involves a password of your choosing plus a one-time code in numbers which is sent to your phone by text message each time you access the account from another device.
  • If the company providing you with the email account  (Gmail, Hotmail etc.) suffers a data breach, you should change your password immediately;
  • If the data breach is incurred by the company which issued your card, cancel the card and ask for a new one to be issued;
  • If you receive a link via email asking you to update your information following a data breach, go to the company’s website to update your login credentials (by typing out the URL in the address bar) and check that the breach has actually occurred.
  • Use a secure password to access your email; changing your password frequently can help enhance the level of protection;
  • If you are asked to sign for an unknown money transfer, you should inform your relationship banker promptly and change the password you use for your email;
  • Mediobanca will never ask you to enter an OTP for any reason;
  • Mediobanca never sends texts messages or instant messages inviting you to visit specific websites.




“INavigati” national campaign promoted by CERTFin

In conjunction with European Cyber Security Month 2022, the Mediobanca Group has adhered to the “I Navigati” national campaign promoted by CERTFin - CERT Finanziario Italiano, confirming its commitment to spreading a culture of information security. The objective of this campaign, which has received patronage from the Italian personal data privacy authority, is to promote secure and informed use of digital instruments, and to raise awareness of the risks of cyber-attacks and online fraud.

Find out more here: Abi lab "I Navigati"


Website Award

Mediobanca has been ranked as having one of the safest websites for users in the Safest Content Award 2022 for Content and Links.

The Safest Content Award 2022 was granted following an aggregated verdict based on the popular/trusted public ratings, user reviews, and compared to other websites in the same category in’s directory.

Safest Content Award 2022