Schneier: Make Banks Responsible for Phishers

abgillette writes "Writing for Wired News, security guru Bruce Schneier says that the only way to stop phishers and identity thieves is to make financial institutions solely responsible: "Push the responsibility -- all of it -- for identity theft onto the financial institutions, and phishing will go away. This fraud will go away not because people will suddenly get smart and quit responding to phishing e-mails, because California has new criminal penalties for phishing, or because ISPs will recognize and delete the e-mails. It will go away because the information a criminal can get from a phishing attack won't be enough for him to commit fraud -- because the companies won't stand for all those losses.""

Re:It's a good point but...

[johnlcallaway]

Consider this. I have told my mother a couple of hundred times to not send me urban legends, but to check snopes.com first. Guess how many 'send this email to everyone you know' emails I get a month?? At least one.

My brother continues to buy 'deals' at truck stops around the US. Watches for $5, drills for $10, etc and he is still surprised that this crap doesn't work.

Education does not work for these types of schemes because the scammers know that there are many people who are just gullible or choose to wish that what the scammer is telling them is true. If they can contact 1,000 people, odds are a couple will respond and provide them enough funds to do it again tomorrow.

How stupid

[jessecurry]

Why not make people responsible for giving out their personal information. Seriously.

If this happens why don't we remove all personal responsibility... if I shoot someone, we can hold glock responsible... if I break into someone's house, we'll hold stanley responsible... if I hit someone with my motorcycle, we can hold suzuki responsible....