[Dshield] Banks Openly Inviting Email Fraud

Jon R. Kibler Jon.Kibler at aset.com
Tue Feb 24 15:32:42 GMT 2004


Darren Gragg wrote:
> 
> Jon-
> 
<SNIP!>
> being the CTO for a bank, I completely agree with your observations and
<SNIP!>

A bank CTO... good. I have a few questions for you regarding the legal aspects 
of this issue.

  1) If someone falls for a bogus bank web site scam and their bank account
     is pillaged, is the customer protected against the loss?

  2) If someone hacks one of your customer's computers that uses the bank's
     software for on-line banking, and uses that software to transfer money
     out of the customer's account, is the customer protected against the loss?
     (We had a customer [military family] a few years ago whose computer was
     hacked and someone accessed their on-line banking software and used it
     to transfer money out of the country. At the point in time that we told
     the customer that they needed to get NIS to handle the now criminal
     hacking investigation, the bank was saying that they were not responsible
     for the loss because the customer had allowed their computer to become
     infected with a worm that gave hackers access to their computer, and it
     was thus negligence on the customer's part and the bank was not responsible
     for the loss. We never did hear the outcome of the case.)

  3) Do Federally chartered vs State chartered banks have different liability
     rules in these cases? How about banks vs thrifts vs credit unions -- are 
     they any different?

Thanks for your insight!

Jon Kibler
-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list