Phishing emails pose a financial risk, according to a regional court's warning. - High Court Issues Alert on the Expensive Aftermath of Fraudulent Emails
The Higher Regional Court of Oldenburg has ruled that individuals who enter their login credentials in phishing emails and thereby handle fraudulent messages with gross negligence are not entitled to compensation from their banks for resulting financial losses.
In a case that took place in the Ammerland region, a couple lost approximately €41,000 after their account was accessed via a phishing email. The court dismissed the couple's lawsuit, citing their gross negligence.
The court's decision emphasizes the potential consequences of entering sensitive information on fake websites. The plaintiff in this case received an email supposedly from her bank, asking her to update her PushTAN registration within two days. The link provided in the email led her to a fake website.
It is plausible that the plaintiff entered her username and PIN on the fake website, according to the court. On the fake website, the wife entered at least her birthdate and EC card number and received a registration link via SMS. It is assumed that the wife also entered her username and PIN on the fake website.
The next day, she noticed that the money had been transferred from their joint account to an account in Estonia. The Higher Regional Court confirmed the previous decision of the Regional Court, stating that the plaintiff should have doubted the seriousness of the email due to several spelling errors.
The court's ruling serves as a warning for individuals to be cautious when handling links in phishing emails. The ruling highlights the importance of secure online banking practices to protect against phishing scams.
The Higher Regional Court has made it clear that customers have a responsibility to exercise caution. Banks will not refund stolen funds from accounts accessed via phishing emails, according to the decision. This means that if a person clicks on a phishing link and inputs sensitive information such as banking credentials, the resulting theft of funds cannot be recovered through bank compensation.
In summary, entering login credentials in phishing emails is considered gross negligence. Banks are not legally required to compensate customers for losses caused by such negligence. The ruling explicitly serves as a warning that negligent behavior with phishing emails can lead to significant personal financial damage without recourse to repayment by the bank.
Vocational training in cybersecurity and technology could help individuals better identify phishing emails and protect their accounts from potential losses. It's important for community members to be aware of the need for proper finance management, including safeguarding their funds from phishing attacks. Ignoring such training and falling victim to phishing scams would still leave them without bank compensation due to their demonstrated gross negligence.
