Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schneier: Make Banks Responsible for Phishers

Posted by CmdrTaco on from the now-there's-an-idea dept.

abgillette writes "Writing for Wired News, security guru Bruce Schneier says that the only way to stop phishers and identity thieves is to make financial institutions solely responsible: "Push the responsibility -- all of it -- for identity theft onto the financial institutions, and phishing will go away. This fraud will go away not because people will suddenly get smart and quit responding to phishing e-mails, because California has new criminal penalties for phishing, or because ISPs will recognize and delete the e-mails. It will go away because the information a criminal can get from a phishing attack won't be enough for him to commit fraud -- because the companies won't stand for all those losses.""

5 of 429 comments (clear)

  1. Re:No Chance by jaypaulw · · Score: 0, Troll

    Yes those Jews and the Rothschilds seem to run everything

  2. Re:It's a good point but... by johnlcallaway · · Score: 1, Troll

    Consider this. I have told my mother a couple of hundred times to not send me urban legends, but to check snopes.com first. Guess how many 'send this email to everyone you know' emails I get a month?? At least one.

    My brother continues to buy 'deals' at truck stops around the US. Watches for $5, drills for $10, etc and he is still surprised that this crap doesn't work.

    Education does not work for these types of schemes because the scammers know that there are many people who are just gullible or choose to wish that what the scammer is telling them is true. If they can contact 1,000 people, odds are a couple will respond and provide them enough funds to do it again tomorrow.

    --
    I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
  3. Never mind Phishers by phorm · · Score: 0, Troll

    Most online banking sites I know specifically tell you on a regular basis to *DELETE* any emails in regards to banking and passwords, etc etc. We aren't talking about making banks responsible for hacked, accounts, etc, but for the stupidity of customers who disregard both common sense and warning to endanger themselves.

    Personally, I see a greater risk in spyware than phishing. It requires a certain degree more stupidity to enter your personal details in myb@nk.com than it does to login into your banking site as normal than to get your password snarfed by a keylogger, etc.

    What I would like to see is banks held more responsible in keeping the safety of debit accounts of responsible users. There are instances where fake banking machines are setup to capture PINS and magcard signatures, as well as situations where cameras and cardreaders placed over the slot on legitimate machines snag customer's numbers. When it comes to actual bank equipment, or when people are able to impersonal legitimate physical equipment, the bank still often says 'tough luck' where they should be held responsible.

  4. How stupid by jessecurry · · Score: 1, Troll
    Why not make people responsible for giving out their personal information. Seriously.

    If this happens why don't we remove all personal responsibility... if I shoot someone, we can hold glock responsible... if I break into someone's house, we'll hold stanley responsible... if I hit someone with my motorcycle, we can hold suzuki responsible....

    --
    Those who know, do not speak. Those who speak, do not know. ~Lao Tzu
  5. Kind of like the auto industry... by hhr · · Score: 0, Troll

    This is kind of like the auto industry. A safe well trained driver doesn't need seat belts, air bags and crumple zones. But for the rest of us they are great ideas.

    In the past many cars were very unsafe. Read "Unsafe at Any Speed" for more on that. By making the auto industry responsible for its product, things improved greatly.

    If it happens once, then it was a fluke. If it happens many times, then you have a problem with the product, in this case banking