Banks are liable for phishing attacks on customers, says German court

Home
Topics
IT security
IT risk management
Banks are liable for phishing attacks on customers, says German court

News

Banks are liable for phishing attacks on customers, says German court

translated by Ross Anderson

A German court has ruled that banks are liable for phishing attacks on customers, reports Spiegel.

A judgment of the Amtsgericht (lowest court) at Wiesloch says the banks are responsible for damages arising from unauthorised interception of confidential data (phishing).

In the case in question, the wife of an online banking customer wanted to make a payment transaction from home.

She entered the Pin and Tan (one-time authorisation code) and then the screen suddenly flared up then briefly went black. A technical glitch, she thought, and continued with the transaction.

A few days later the husband got a phone call from his bank. The official had noticed that about 4,000 euros had been paid out of the account in the context of an eBay auction - a transaction that the couple had not made.

Experts then examined the customer's PC. Although up-to-date anti-virus software was installed, they found 14 malicious programs, including keylogging software.

The bank must now pay for the resulting losses. The court based its decision on the fact that the payment demonstrably did not come from the customer.

Neither he nor his wife had given instructions for the payment. "The bank bears the forgery risk of the transfer order," the judgment said.

It was found that a person in Germany had sent the stolen money to someone in St Petersburg in Russia.

Related Topics: IT risk management, IT strategy, Hackers and cybercrime prevention, VIEW ALL TOPICS

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Read More

Show me more

COMMENTS powered by Disqus // Commenting policy

More from Related TechTarget Sites

CIO
Security UK
Networking UK
Virtual Data Centre
Data Management UK

CIO
- Innovation and agility start with application process optimization
  
  This tip discusses how to achieve the goals of business process reengineering, including application process optimization for innovation and agility.
- Agile development methodologies, transparency pay dividends for NYSE
  
  A chief digital officer's bullishness on agile development methodologies and transparency led to NYSE Euronext's Web success.
- Mobile operations and security specialist makes mobile strategies sing
  
  Forrester Research analysts outline why a mobile operations and security specialist is essential for an effective, long-term mobile strategy.
Security UK
- Prep and test your Olympics 2012 security contingency plans
  
  To maintain information security during the 2012 Olympics, security and IT contingency plans must be tested in several key areas.
- File upload security best practices: Block a malicious file upload
  
  Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks.
- MDM, security vendors scramble to address BYOD security issues
  
  Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products.
Networking UK
- Cisco Live London: 40 and 100 GbE, souped up WLAN
  
  At Cisco Live London, Cisco launched 40 and 100 GbE switching, a souped-up 4-antenna WLAN access point, and a host of network virtualisation technologies.
- UK Networkers should gear up for mobility implementations in 2012
  
  Companies are rethinking legacy tools to take advantage of what users get from having access to data and applications across all kinds of devices, according to TechTarget’s 2012 IT Priorities Survey.
- Cloud gets vote of confidence from UK buyers in 2012 IT priorities
  
  The cloud is set to be a key investment area for UK buyers in 2012 with 30.5% of IT buyers pledging to spend on the technology, according to TechTarget’s 2012 IT Priorities Survey.
Virtual Data Centre
- Microsoft volume licensing costs to increase up to 33.5%
  
  Microsoft will increase its volume licensing prices in the UK between 7.5% and 33.5% starting July 1 to maintain price consistency owing to the sustained currency difference in Europe.
- VMware vSphere 5 storage features: Part two
  
  VMware vSphere 5 storage features include Storage DRS, VSA and data store clusters. IT pros can learn what these features bring to their infrastructure and how best to use them.
- VMware updates vFabric Suite for cloud automation: News roundup
  
  VMware ‘s launch of vFabric Suite 5.1 for cloud automation, Equinix’s acquisition of a colo service provider and UK SMEs’ cloud adoption are this week’s highlights.
DataManagement UK
- History lesson points way forward on data management projects
  
  Data management projects often suffer from historic amnesia. Projects that co-locate business and IT staff and keep to a manageable scale can achieve remarkable results, says consultant Andy Hayler.
- NEC Europe has yen for Host Analytics’ financial planning
  
  NEC Europe has signed up to use Host Analytics' cloud-based financial planning service to better integrate an acquisition and support its growth plans.
- Podcast: How to craft an effective MDM strategy
  
  In this podcast interview, Andy Hayler gives advice on how to create and implement an MDM strategy that is ruthlessly focused on business value.

All Rights Reserved, Copyright 2000 - 2012, TechTarget