Banks do not take responsibility for phishing attacks

تنبيه البريد الإلكتروني وهمية للديون المالية

The law stipulates that banks are responsible for operations that are not authorized by account holders, but practice shows that entities do not assume responsibilities, particularly in cases of phishing, and only with recourse to judicial bodies can the respondents manage to recover the amounts misappropriated.

The alert is given by a lawyer from Deco, who in statements to the Diário de Notícias states that, as a rule, «banks do not assume the responsibilities of the situation», which ends up only being resolved using solutions such as those judged by peace, for example.

Regarding two cases of Montepio users who claim to have seen their account balance misplaced without having provided any codes, numbers or any type of information, the newspaper contacted technicians from PJ, Deco and the bank itself – who admit that the number of fraud has increased, but deny responsibility.

The banking institution claims that customers «will have been victims of an attack of a computer nature», practiced by strangers who have misappropriated the credentials of access to the service, excusing themselves from responsibilities.

Although the law says that banks have an obligation to «ensure that the personalized security features of the payment instrument are only accessible to the user who has the right to use that payment», the fact that the data was obtained in an abusive and error-induced customers is used as a justification. Accompanied by the fact that the computers used would not be properly protected, with negligence from customers.