[Dshield] Banks Openly Inviting Email Fraud
Jon R. Kibler
Jon.Kibler at aset.com
Tue Feb 24 15:32:42 GMT 2004
Darren Gragg wrote:
> being the CTO for a bank, I completely agree with your observations and
A bank CTO... good. I have a few questions for you regarding the legal aspects
of this issue.
1) If someone falls for a bogus bank web site scam and their bank account
is pillaged, is the customer protected against the loss?
2) If someone hacks one of your customer's computers that uses the bank's
software for on-line banking, and uses that software to transfer money
out of the customer's account, is the customer protected against the loss?
(We had a customer [military family] a few years ago whose computer was
hacked and someone accessed their on-line banking software and used it
to transfer money out of the country. At the point in time that we told
the customer that they needed to get NIS to handle the now criminal
hacking investigation, the bank was saying that they were not responsible
for the loss because the customer had allowed their computer to become
infected with a worm that gave hackers access to their computer, and it
was thus negligence on the customer's part and the bank was not responsible
for the loss. We never did hear the outcome of the case.)
3) Do Federally chartered vs State chartered banks have different liability
rules in these cases? How about banks vs thrifts vs credit unions -- are
they any different?
Thanks for your insight!
Jon R. Kibler
Chief Technical Officer
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the list