[127391] in cryptography@c2.net mail archive
German banks liable for phishing (really: keylogging) attacks
daemon@ATHENA.MIT.EDU (Stephan Neuhaus)
Fri Jul 4 12:04:44 2008
From: Stephan Neuhaus <neuhaus@st.cs.uni-sb.de>
To: Cryptography <cryptography@metzdowd.com>
Date: Fri, 4 Jul 2008 14:48:27 +0200
This article: http://www.spiegel.de/wirtschaft/0,1518,563606,00.html
(sorry, German only) describes a judgment made by a German district
court which says that banks are liable for damages due to phishing
attacks. In the case in question, a customer was the victim of a
keylogger even though he had the latest anti-virus software installed,
and lost 4000 Euro. The court ruled that the bank was liable because
the remittance in question had demonstrably not been made by the
customer and therefore the bank had to take the risk.
Even though phishing and keylogging are not really related, this
ruling is remarkable because courts had almost always ruled in favor
of the banks in the past. So it could set an important precedence.
Fun,
Stephan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
