Finance
Sections
Highlight
Sections
Highlight
A Malaga court has ordered Spain's BBVA bank to repay a cyber scam victim almost 10,000 euros.
The woman on the receiving end of the scam received two text messages purporting to be from her bank. Just a few minutes later, she received a phone call from the bank's supposed security employee, warning her that a fraudulent charge had been detected. To avoid this, the fake operator told her she should make an immediate transfer to another account number that the branch had opened in her name. Deceived, she followed the instructions being given by fraudsters, to whom she transferred the amount of 9,900 euros.
This Malaga resident, who fell victim to the scamming technique known as 'phishing', had tried to contact the manager of her branch through the app of the bank, BBVA, but did not receive a reply for some 20 minutes. By then, the fraudulent operation had already taken place.
In an attempt to recover her money, she filed a lawsuit against the bank for failing to fulfil its contractual obligations and not deploying the means at its disposal to prevent cybercriminals from defrauding her. A Malaga court ruled in her favour, ordering the bank reimburse her the 9,900 euros defrauded.
The woman, as stated in the judgement seen by SUR, only became aware of the scam once she had already made the transfer. Her suspicions were confirmed when she still had the cybercriminals on the phone, whom she asked to wait. Using another mobile phone, she called her real branch. That's when she was informed that she had been a victim of fraud and that she should hang up on the scammers immediately to avoid further transfers.
The bank opposed the claim, arguing it was the conduct of the user that allowed the fraud to occur. It pointed out that the bank complied with its contractual obligations and also deployed all the means of security available to it.
However, the judge said that the victim could not have foreseen that she was being deceived. "There is no evidence of negligence in the actions of the plaintiff of sufficient seriousness and importance to make her liable for the loss suffered," the judge said. The method used in this fraud has a "degree of perfection that would be difficult for an average consumer to detect," the judge added.
The fraudsters, in this case, resorted to a mobile or web application that allowed them to imitate the number, so that the victim's screen showed the same phone number as the bank's office. "The previous and subsequent SMS-type messages received imitated both the design and the terminology used by their bank and were included in the same thread or chain of messages actually sent by their bank," the ruling pointed out.
The victim tried to communicate with the office manager, whom she informed of what was happening to her through several messages from the mobile application. "It is clear that the applicant's conduct cannot be described as grossly negligent," the court heard.
Lawyer Esther Amrán (AC Abogada), who represented the victim, said the ruling reinforces the responsibility of financial institutions in the face of increasingly complex cyber attacks, as well as the need for more secure protocols to be adopted.
Publicidad
Publicidad
Publicidad
Publicidad
Esta funcionalidad es exclusiva para suscriptores.
Reporta un error en esta noticia
Comentar es una ventaja exclusiva para registrados
¿Ya eres registrado?
Inicia sesiónNecesitas ser suscriptor para poder votar.