The Tesco Bank incidents
20,000 customer are reported to have been victim to online fraud, leading to payments being taken from their accounts. Tesco Bank has agreed to refund losses, but has yet to explain what caused the frauds.
Broadly, liability for online fraud lies with whose fault it is.
Where a bank has had data stolen, it is responsible for resulting financial losses.
If a customer has been careless, the customer will usually have to bear the loss.
Need to watch out:
- Possible Trojan viruses that infect your computer and monitor your transactional details to use them, or else take over control of your computer.
- Your email account being hacked into so that transactional information is stolen, or else your correspondents’ identity is hijacked to persuade you to send money to a false bank account. – eg a friend ‘in distress’, a hotel you booked accommodation with or a solicitor you are buying a house through. (These incidents can lead to conflict and uncertainty over which party’s email or IT system has been hacked. If the guilty party – perhaps a hotel with weak IT security – is in another country it can be very difficult to require them to accept liability.)
- Conducting transactions at an airport or cafe where the wifi system might be vulnerable.
- Phishing emails.
- Phone calls designed to enable someone to open up your IT protections to enable them to gain remote access to your system.
The key thing is to use common sense, for example to be aware that emails (or phone calls, or texts) from ‘friends’, ‘your solicitor’, ‘your bank’ or ‘Microsoft’ might not be from who you think it is. Double and triple check before you make any transactions (or changes to your computer settings) based on information received by phone, text or email.
Paul Gosling / 7 November 2016