Is Your Bank Responsible For Not Warning You About Keyloggers?

from the seems-like-a-stretch dept

We’ve spoken before about the Steve Dallas school of “sue whoever has the most money, even if they’re obviously not at fault” way of thinking. It appears that someone in Florida who was scammed out of $90,000 is using the same tactic in suing Bank of America for allowing him to be a victim of a keylogging attack. It’s not entirely clear what happened, but investigators found some kind of trojan horse program on his PC, and they assume that allowed a keylogging program to be installed. From that, someone got his bank account info and transferred $90,000 out of his account and sent it to Latvia. While the guy is obviously a victim of fraud, instead of going after those who actually committed the crime, he’s suing Bank of America for not warning him that bad people might try to steal his money. Maybe he should his parents, too, for not teaching him that some people aren’t very nice. Bank of America, for their part, should be trying to help this guy get back his money, but it’s unclear how they should be blamed for the crime.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Is Your Bank Responsible For Not Warning You About Keyloggers?”

Subscribe: RSS Leave a comment
Mike (profile) says:

Re: Huh?

Lopez’s legal case is that Bank of America knew of the risk posed by the Coreflood Trojan but failed to inform customers.

That seems to be focused on the fact that they didn’t warn him about a keylogger… However, he is also looking at whether or not a flag should have been raised, which is a more valid complaint. While I do believe the bank could have done a better job, it’s not clear what they did is illegal.

GP says:

Re: Re: Huh?

I disagree on this one. Think about the implications of your approach. Anyone with significant assets in any type of online-accessible account would be wise to immediately terminate online access, as the customer would bear all risk of being hacked. This is bad for the banks, which love the move to online, as it greatly reduces their overhead costs. They don’t want online banking to be useable only by the top 1% of technophiles.
If you leave your checkbook laying around and someone forges your signature, you’re not liable. Why should this be different?
The bank has the power to implement state of the art systems and processes to minimize its damages and also can insure against these risks for pennies. The consumer cannot do so nearly as easily or cheaply. The decision to allow online transactions was one once taken most seriously and carefully (witness how Fidelity went about it cautiously a number of years ago). It still should be.
This is a classic case of setting up a poor system and blaming the customer for the loss. My prediction: the bank will cover the loss because they are stone-cold losers in court, and should be.
If they wire transfer 90k of a customer’s money to Latvia based on:
UserID: peanuts
password: snoopy1
they absolutely should bear the risk. I can’t find out the balance of my cable TV bill over the phone without being interrogated with numerous questions. Transferring 90k should be 100 times harder.

Mike (profile) says:

Re: Re: Re: Huh?

Hmm. I think people are misreading what I wrote. I DO think that BOA should be more responsible in helping this guy recover his losses.

What I’m objecting to is the idea that they’re guilty BECAUSE THEY DIDN’T WARN HIM THAT KEYLOGGERS WERE OUT THERE. That’s it. That’s what the lawsuit claims. That’s the part I have a problem with.

GP says:

Re: Re: Re:2 Huh?

I think the lawyer is just smart and is framing the issue as narrowly as possible. Courts do try to stick to settled principles, and the duty to warn of a known risk is well established in tort law.
Many legal issues that appear ridiculous on their face actually make sense when seen through this prism. The lawyer owes it to his client to make the easiest legal argument to win.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...