Phishing Victim Sues Own Bank   2/9/2005 - 943 views,

Well, Joe Lopez, of Miama, Florida, thinks that your bank should be. At least that is what he is claiming in his lawsuit against Bank of America, through which he is trying to recover more than $90,000 which he claims the bank negligently allowed a Latvian phisher to suck out of his bank account.

Industry experts are already lining up to watch the outcome of this lawsuit, the first of its kind, but unlikely to be the last.

Bank of America, for its part, takes no responsibility whatsoever for the apparent ease with which the fraudulent transaction took place. Despite the fact that the bank clearly knew about the threat of phishing attacks on its customers, that the fraudulent transfer was for an inordinately large sum of money, to a country with which Lopez did not ordinarily do business, and to a counry which is known for its cybercrime connections.

In fact, Bank of America’s attorney has said that the bank was not responsible for the loss “because no one hacked into its system to initiate the wire transfer”. Of course, if a bank is robbed, the bank may not ordinarily be responsible either, but what if they did not take adequate precautions to protect their customer’s cash? What if they had put a sign in the window saying “We leave our customer’s cash out loose on the counter?” When they knew that a band of bank robbers was active in the neighborhood? What then?

The good news is that $70,000 of the original lost $90,000+ is still in the bank in Latvia, frozen for now. The bad news is that in order for Lopez to get it back, someone has to open an inquiry in Latvia. Said Bank of America “Since we are not responsible for the fraud and have not ourselves sustained a loss, we are not in a position to make such a request.”

It’s true that they haven’t sustained a loss…yet.

Yes, this should be an interesting case.