Online banking fraud in Costa Rica has surged over the past six years, with reports rising 1,446% between 2019 and 2025 and topping 10,000 cases for the first time last year, according to data from the Judicial Investigation Agency. The OIJ figures show complaints climbed from 656 in 2019 to 10,142 in 2025, or roughly one reported victim every 51.8 minutes.
The spike has turned electronic fraud into one of our country’s fastest-growing crime problems. Separate OIJ reporting published in January said cyberfraud against banking entities caused losses of about ₡6 billion in 2025, driven in part by schemes involving fake bank websites built to capture customer usernames, passwords and other account data.
Recent data also challenges the assumption that older adults are the main targets. Between 2019 and 2025, the age group with the most fraud complaints was people ages 30 to 39, with 6,767 reported victims. That was followed by people ages 40 to 49, with 5,612 cases, and ages 50 to 64, with 5,593. People over 65 accounted for 2,811 complaints, placing them among the groups with the fewest reports.
San José recorded the highest number of cases during that period, with 8,311, followed by Alajuela with 5,957 and Heredia with 3,587. The data also shows reports clustering around common paydays, especially on the 1st, 2nd, 15th and 28th of the month.
The trend has added pressure on lawmakers and banks as complaints mount from consumers who say recovering stolen money remains slow and difficult. On March 4, Costa Rica’s Legislative Assembly approved in second debate bill 23.908, which would require banks and other supervised financial entities to answer for unauthorized electronic fraud claims filed by customers. The proposal still required President Rodrigo Chaves’ signature and publication to take effect at the time it was reported.
The bill says financial institutions would be responsible for damages caused by the theft of funds from customer accounts by unauthorized third parties, regardless of the method used, unless a legal exemption applies. It also sets a process giving customers 30 calendar days to file a claim with the bank, along with a copy of their OIJ complaint, and gives the institution up to 30 calendar days to investigate and decide the case, with a one-time extension of up to 10 business days.
The proposal has also fueled debate over how far bank liability should go. Reporting on the approved text said the banking division argued the law creates legal uncertainty and does not extend to credit card transactions, but backers say it would shift more of the burden away from consumers who have long been forced to prove they were not at fault.
Cybersecurity specialists say the rise in Costa Rica reflects a broader global pattern, but local vulnerabilities have made the country especially attractive to cybercriminals. Analysts have pointed to exposed digital infrastructure, leaked databases and the availability of enough personal information to make social engineering attacks more convincing and profitable.
For banks, regulators and customers, the numbers point to the same reality: online fraud is no longer a niche security issue. It has become a mainstream public risk touching thousands of Costa Ricans each year and forcing a response from both the financial system and the state.
The post Online Banking Fraud Hits Record Levels in Costa Rica appeared first on The Tico Times | Costa Rica News | Travel | Real Estate.