The LG Koblenz decided that a transfer to an obviously fake online payment request will not be reimbursed by the bank.
The Regional Court (LG) Koblenz is currently dealing with the question of whether a Bank is obliged to pay for an amount that a customer has transferred to an unknown fraudster in response to an obviously fictitious request in online banking.
The LG came to the conclusion that the plaintiff should have recognized the fraud as such. Due to grossly negligent breach of duty of care by the customer, the lawsuit was dismissed as a result. Accordingly, the bank is not obliged to refund the amount in this situation. The judgment of 01.09.944, Az. 3 O 944/10 is still not legally binding. The Koblenz Regional Court informed about this.
Pharming victim sues Money refund
In the given legal case, a bank customer used the online banking there. To complete her banking transactions, she logged on 23.11.2020 hence there one. However, malware on her computer caused a window to open. Along with this, a message pointed out that a “demo transfer” in the amount of several 10.000 euros to a Mr. Mustermann. Irritated by this, the plaintiff started the registration again. But then she followed the instructions and also entered her generated TAN number for the process. The customer then accessed her real online banking and carried out her banking transactions as usual.
The plaintiff requested the bank to return the amount transferred to the fraudsters. She felt that she could not have realized that she was a victim of a pharming scam. In addition, her computer was protected by a virus program. The defendant bank, on the other hand, rejected the request. She argued that the plaintiff’s behavior was grossly negligent. Consequently, they must pay for the damage themselves.
Pharming is a neologism of the terms farming and phishing. Pharming is a cyber attack aimed at redirecting traffic from one website to another, fake website. This involves installing a malicious program on the victim’s computer. “Pharming can be done either by modifying the hosts file on the victim PC or by exploiting a vulnerability in the DNS server software”.
Violation of due diligence in online banking exempts the bank from the reimbursement obligation
In its judgement, the court agreed with the defendant’s opinion. According to the LG, the plaintiff:
“in a grossly negligent manner violated its duty of care”, when she did the “demo transfer” with a real transaction number. She didn’t think about things that were quite obvious and didn’t pay attention to what should have been obvious to anyone. The average computer user could be expected to stop using online banking when circumstances are very dubious and point to a questionable activity.”
“That – the court continued – was the case here. It is very unusual that a real TAN has to be entered, although no real transfer is to be carried out. This must have made the plaintiff suspicious. The high sum mentioned in the “demo transfer” should also give cause for particular caution. The plaintiff herself admitted that the request for a demo transfer “had struck her as emotionally funny”, which is why she initially started from the beginning. You could also see that the real destination account number and the actual transfer amount were displayed on the TAN generator. Nevertheless, the plaintiff entered the transaction number for the “demo transfer”. The court considered this to be such a gross violation of a bank customer’s duty of care that the plaintiff had to bear the damage herself.”