That’s a screen shot of the opening email screen above. Below is the (slightly edited) text:
Città del Vaticano
08 aprile 2022
Avviso sulla Sicurezza Informatica.
gli effetti della mutata situazione geopolitica e del conflitto in corso tra Russia e Ucraina hanno costretto
tutti gli operatori e i cittadini a considerare con maggiore attenzione la questione della sicurezza digitale
e ad alzare il livello di guardia verso le possibili intrusioni nei sistemi informatici.
Si tratta di un fenomeno che aveva già registrato un notevole incremento negli ultimi tempi e che è
cresciuto ulteriormente in conseguenza dei nuovi scenari generati dal conflitto, tanto in ambito
finanziario quanto in altri settori che interessano la nostra vita quotidiana (commercio, viabilità, salute,
Anche per tale ragione l’Istituto per le Opere di Religione, che già opera con standard e livelli di sicurezza
digitale molto elevati, ha rafforzato i propri presidi informatici di difesa.
In questo contesto e per la sua tutela, le rinnoviamo l’invito a non rispondere ad eventuali richieste di
informazioni in merito ai suoi dati personali o ai suoi servizi finanziari.
Come lei ben sa, non è prassi del personale del nostro Istituto richiede telefonicamente o via email
l’invio di dati sensibili o di codici.
Qualora avesse anche solo il sospetto di una possibile intrusione nei suoi profili digitali non esiti a
Indirizzo email: [/////]
Indirizzo di posta: [/////]
per verificare ed eventualmente reagire prontamente per proteggere il suo patrimonio.
La barriera di difesa dei suoi dati si completa solo attraverso una collaborazione costante tra lei e il
nostro staff, a cui la invitiamo a segnalare ogni eventuale tentativo sospetto di appropriazione dei suoi
Grazie in anticipo per la collaborazione.
Restiamo a sua completa disposizione e non esiti a contattarci per ogni eventuale chiarimento o
segnalazione su quanto sopra esposto.
Google translate for your convenience:
Information Security Notice.
the effects of the changed geopolitical situation and the ongoing conflict between Russia and Ukraine have forced all operators and citizens to consider the issue of digital security with greater attention
and to raise the level of guard against possible intrusions into computer systems.
This is a phenomenon which had already registered a significant increase in recent times and which has
grown further as a result of the new scenarios generated by the conflict, both in the financial sector and in other sectors that affect our daily life (commerce, roads, health, education…).
For this reason too, the Institute for Works of Religion [IOR], which already operates with very high standards and levels of digital security, has strengthened its IT defense systems.
In this context and for your protection, we renew the invitation not to respond to any requests for
information regarding your personal data or financial services.
As you well know, it is not the practice of the staff of our Institute to request the sending of sensitive data or codes by phone or email.
If you have even the suspicion of a possible intrusion into your digital profiles, do not hesitate to contact us Email address: [/////]
Mail address: [/////]
to verify and possibly react promptly to protect your assets.
The barrier of defense of your data is completed only through a constant collaboration between you and our staff, to which we invite you to report any suspected attempt of appropriation of your sensitive references.
Thanks in advance for your cooperation.
We remain at your complete disposal and do not hesitate to contact us for any clarification or report on the above.
That would be right. The old double reverse:
- “We’re the government, and we’re here to help you. There are electronic phishing schemes from which we want to protect you, so, just please electronically send us all your personal details and codes and it’ll all be good, because we never otherwise electronically ask for your personal details and codes as we have throughout the years, you know, because we’re nice!”
This is all CYA in my opinion. This is blaming the victim in my opinion. If what is said is true, then they’ve been hacked and run by “Russia! Russia! Russia!” (as Tucker would say) for very many years indeed, long before Pope Benedict XVI abdicated, really a long time before Putin seriously thought about invading Ukraine.
The IOR (Vatican Bank) have been asking me – electronically – for my personal details and codes and such for all those years. Way back in the day I asked for confirmation from a friend in the Holy See as to the legitimacy of this request. He went to the IOR, “Vatican Bank”, for me to do just this. All legit, he reported. That was years and years ago. Since I still didn’t trust this reporting (sorry), I called the IOR a number of times and had extended conversations with any number of high-up officials. It was all legit, all the accusations of money laundering and the financing of international terrorism to as to force the electronic sending of personal details and codes, you know, to avoid the confiscation of account by IOR. A number of times more recently IOR tried this B.S. again and again. And then, hilariously, the IAS (IFRS) hinted to me about their oversight of the shenanigans of the IOR. Don’t forget, there’s a trial that’s ongoing about weirdnesses regarding hundreds and hundreds of millions of dollars that involves the IOR. Who can the Vatican blame when monies of accounts disappear? Putin! Pfft.
I’ve given up on recovering my two accounts at the IOR long ago. I figure that they’re likely stealing as much money as possible and squirreling it all away before all their B.S. hits the fan.
But maybe I’m wrong about all this. Maybe they’re just not thinking clearly. Maybe I’m not. But none of this adds up: “Send us all your details and codes electronically because we forbid you to enter into Vatican City because of Covid. We’ve asked you to do this electronically for years and years and years, which is why we say that we never ask for that information electronically! And we are continuing to accuse you of money laundering and the financing of international terrorism as we always have so as to force you to cooperate in our embezzling of your accounts. So, there! Take that dear client.”
That actually sounds like a confession to me.
Oh. I forgot. IOR already has all my personal details and codes. So, they don’t need to do this double-reverse phishing. That’s a clever phishing scheme indeed. “We already have all your details and codes so send us your details and codes electronically now so that we can protect you from recent phishing schemes to get your details and codes electronically.”
And it’s all done though the domains of Vatican City State “Holy See.” Let’s see…
Hey! Maybe this is a low-level employee at IOR who has no access to the data bases other than email addresses of clients, you know, to send out Christmas and Easter greetings, and he’s phishing for the rest. With some help of the Vatican postal service, it’s all easy peasy. You only need to cash in on a few “dead” accounts, and then run.
Putin is just a scapegoat.