Is Your Bank Responsible For Not Warning You About Keyloggers?

from the seems-like-a-stretch dept

We've spoken before about the Steve Dallas school of "sue whoever has the most money, even if they're obviously not at fault" way of thinking. It appears that someone in Florida who was scammed out of $90,000 is using the same tactic in suing Bank of America for allowing him to be a victim of a keylogging attack. It's not entirely clear what happened, but investigators found some kind of trojan horse program on his PC, and they assume that allowed a keylogging program to be installed. From that, someone got his bank account info and transferred $90,000 out of his account and sent it to Latvia. While the guy is obviously a victim of fraud, instead of going after those who actually committed the crime, he's suing Bank of America for not warning him that bad people might try to steal his money. Maybe he should his parents, too, for not teaching him that some people aren't very nice. Bank of America, for their part, should be trying to help this guy get back his money, but it's unclear how they should be blamed for the crime.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Oliver Wendell Jones, 8 Feb 2005 @ 2:20pm

    Huh?

    It was my impression from the story that he was more concerned about the bank not noticing that after years of small transactions to Central/South America (I forget which already), suddenly a $90,000 transaction to Easter Europe pops up out of nowhere and they did nothing to confirm it before leaving him poor.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Feb 2005 @ 2:50pm

      Re: Huh?

      I agree with this statement. Bank of America should not of blindly approved such a huge transfer of funds without any confirmation. I agree that was his gripe as well, which I think is very valid.

      link to this | view in chronology ]

    • icon
      Mike (profile), 8 Feb 2005 @ 4:12pm

      Re: Huh?

      Lopez's legal case is that Bank of America knew of the risk posed by the Coreflood Trojan but failed to inform customers.

      That seems to be focused on the fact that they didn't warn him about a keylogger... However, he is also looking at whether or not a flag should have been raised, which is a more valid complaint. While I do believe the bank could have done a better job, it's not clear what they did is illegal.

      link to this | view in chronology ]

      • identicon
        GP, 8 Feb 2005 @ 4:52pm

        Re: Huh?

        Mike,
        I disagree on this one. Think about the implications of your approach. Anyone with significant assets in any type of online-accessible account would be wise to immediately terminate online access, as the customer would bear all risk of being hacked. This is bad for the banks, which love the move to online, as it greatly reduces their overhead costs. They don't want online banking to be useable only by the top 1% of technophiles.
        If you leave your checkbook laying around and someone forges your signature, you're not liable. Why should this be different?
        The bank has the power to implement state of the art systems and processes to minimize its damages and also can insure against these risks for pennies. The consumer cannot do so nearly as easily or cheaply. The decision to allow online transactions was one once taken most seriously and carefully (witness how Fidelity went about it cautiously a number of years ago). It still should be.
        This is a classic case of setting up a poor system and blaming the customer for the loss. My prediction: the bank will cover the loss because they are stone-cold losers in court, and should be.
        If they wire transfer 90k of a customer's money to Latvia based on:
        UserID: peanuts
        password: snoopy1
        they absolutely should bear the risk. I can't find out the balance of my cable TV bill over the phone without being interrogated with numerous questions. Transferring 90k should be 100 times harder.

        link to this | view in chronology ]

        • icon
          Mike (profile), 8 Feb 2005 @ 6:40pm

          Re: Huh?

          Hmm. I think people are misreading what I wrote. I DO think that BOA should be more responsible in helping this guy recover his losses.

          What I'm objecting to is the idea that they're guilty BECAUSE THEY DIDN'T WARN HIM THAT KEYLOGGERS WERE OUT THERE. That's it. That's what the lawsuit claims. That's the part I have a problem with.

          link to this | view in chronology ]

          • identicon
            GP, 8 Feb 2005 @ 9:18pm

            Re: Huh?

            I think the lawyer is just smart and is framing the issue as narrowly as possible. Courts do try to stick to settled principles, and the duty to warn of a known risk is well established in tort law.
            Many legal issues that appear ridiculous on their face actually make sense when seen through this prism. The lawyer owes it to his client to make the easiest legal argument to win.

            link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.