Phishing losses are the victim's fault - banks bear NO responsibility !.
Last week a top German court ruled that banks do not have to reimburse customers following a phishing attack! On-line phishing scams are increasingly prevalent and increasingly sophisticated. Reports show that for the last three months of 2011 phishing attacks increased 25% with the number of brands scammers use as bait to trick users also increasing. Recent high profile phishing scams include fake Verizon bills via email, fake paypal payment confirmation emails and the enormous phishing scams spreading on the Chinese social network Weibo that saw thousands of victims affected.
Who’s responsible for on-line banking abuse?
This month a German court has ruled for the first time on the question of whether banks or their clients are responsible for online-banking abuse. This judgement is the result of a case where a customer lost over €5,000 from his bank account in a transaction he claims not to have completed. The victim entered his bank account details on a fake banking site, the details were later harvested by cybercriminals and used to access the funds in the victims account. Surprisingly for many the judgement declared that the victim not the bank is responsible for any money lost to on line scams.
The judgement explained that customers had been warned about potential phishing attacks on its website. The judges ruled that lack of care in handling the bank codes amounted to negligence on the part of the customer. The victim argued that the bank had a duty to protect its customers but the court upheld previous judgements by the district and state courts, agreeing that the customer should bear full responsibility for falling for the scam.
Banks must favour vigorous anti phishing measures
While phishers are constantly changing their tactics, it doesn’t look as though they’re going away any time soon. Banks must favour vigorous security procedures that help reduce the chances of fraud, users who know little about Phishing attacks and who do not have Anti-Phishing solutions in place are at constant risk whenever online. Banks should educate their customers on how to be more proactive and aware in terms of online security so that they can minimize the risk of fraud. To do this banks and other online retailers must invest in network security solutions that prevent phishing attacks.
Do you agree that victims of an on line phishing scam should take full responsibility as the scam succeeded based on their own negligence?
Do you think the security choices of the spoofed bank may contribute to a successful attack.?