Feeds

Florida man sues bank over $90K wire fraud

Why didn't you warn me about Trojans!

  • alert
  • submit to reddit

Reducing security risks from open source software

A Miami businessman is suing his bank after $90,000 was lifted from his firm's online banking account following a computer virus attack. Joe Lopez, 42, filed suit against the Bank of America in Miami Circuit Court last week alleging that the bank was negligent in failing to protect his account from compromise through known risks, the South Florida Sun-Sentinel reports.

The case is thought to be the first time a customer has sued a bank over cybercrime losses in the US. It will test the balance of responsibilities between banks and their users over ensuring the security of online banking transactions.

Lopez runs a small printer ink and toner business in Miami. He regularly uses wire transfers both to send and receive money from business contacts in the US and Latin America.

But on 6 April he discovered an unauthorised wire transfer of $90,348 to the Parex Bank in Riga, Latvia. Around $20,000 was withdrawn before the account involved was frozen. The remaining $70,000 remains at Parex Bank. Lopez reported the unauthorised transfer to the police. The US Secret Service became involved in the investigation, which featured a forensic examination of PCs used by Lopez and his businesss, Ahlo Inc, that uncovered infection by a Trojan called Coreflood.

Coreflood is primarily designed to conduct Denial of Service (DoS) attacks, but the theory is that the backdoor access it enabled criminals to extract banking passwords and account details entered into Lopez's PC. This remains unproven.

Lopez's legal case is that Bank of America knew of the risk posed by the Coreflood Trojan but failed to inform customers. There's also the question of whether Bank of America was diligent in so easily allowing the transfer of a large sum to a known centre of cybercrime. Lopez alleges breach of contract, negligence and intentional misrepresentation by Bank of America in a suit aiming to recover his money, plus interest and legal fees. Bank of America has ruled out any breach of its e-banking systems. It denies any responsibility over its customer's losses.

Lopez has taken a second mortgage of his home to keep his business afloat. His attempt to recover his funds from Riga is caught in a tangle of legal and bureaucratic red tape. Lopez's lawyer, Ralph Patino, hopes the suit will attain class action status, allowing more fraud victims to sue their banks over cybercrime losses.

Lopez has stopped using wire transfers. ®

Related stories

Trojan targets UK online bank accounts
UK banks launch anti-phishing website
SA police arrest man in Absa Net bank fraud case
Fraudsters recruit phishing middlemen
Phishing losses overestimated - survey

Seven Steps to Software Security

More from The Register

next story
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.