Feeds

BoI to refund phishing victims

Compensation u-turn

SANS - Survey on application security programs

Bank of Ireland has agreed to compensate victims of a recent phishing scam, backtracking from its earlier position.

The bank had initially refused to refund victims, who lost about €160,000 to scammers after receiving the fake emails. However, reports in the Irish Independent on Tuesday indicate that the bank has since had a change of heart.

For its part Bank of Ireland has refused to comment on the cases, releasing a general statement on phishing instead.

"Bank of Ireland is aware that there are fraudulent emails being circulated purporting to be from Bank of Ireland 365 online," it said. "Bank of Ireland can not discuss individual cases where a customer has received and responded to such an email."

It seems the banks just can't win. The nine customers who were conned out of the cash had threatened to sue the bank for compensation if their money wasn't returned. But now experts fear that there could be a surge in phishing cases, encouraged by the compensation paid out by Bank of Ireland.

Conor Flynn, technical director of Rits, said the move was essentially a goodwill gesture by the bank. However, he warned that people may feel less threatened by the scams in future as a result.

"It certainly will not help things," he said, speaking with ENN. "People will feel they have a buffer of security."

However, he also pointed out that banks may implement more technologies that will push the responsibility back on to the customers to safeguard their details and prove that they didn't reveal their confidential details to a third party.

"It's not a victimless crime," Flynn pointed out. "Banks still have to record record-profits. If they lose cash through compensating phishing victims, bank customers will pay."

However, despite the high profile coverage, phishing is not a unique problem to Bank of Ireland, something the bank is keen to point out.

"This problem is not unique to Bank of Ireland and similar fraudulent emails purporting to come from other banks, credit card companies, e-retailers etc are also in circulation," Bank of Ireland said in its statement.

Other financial institutions have warned customers of other phishing scams, including AIB and internet bank RaboDirect. eBay is also a popular target for scammers.

Copyright © 2006, ENN

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.