Bank's Liability For Phishing Fraud
For the First time in India, Bank Absorbs Phishing Liability
Phishing attacks are a common form of risks in today's Internet based Banking. Banks have been largely bulldozing the customers into believing that the liability for Phishing should be boarne by the customers because they were negligent in responding to the Phishing mail.
However, the legal position can be different. Phishing is a result of multiple contraventions of ITA 2000 particularly after the amendments of 2008. It results in wrongful loss to the customer. The contravention therefore attracts provisions of Section 43 for adjudication.
Already, several complaints have been registered on Banks under Section 66 and 66A of ITA 2000/ITA 2008 in Bangalore, Chennai and Hyderabad.
The Banks are basically being held liable under the age old Banking law that "Forgery cannot be held against the customer, however clever or undetectable the forgery is".
In this connection we may refer to the Supreme Court decision in the Canara Bank Vs Canara Sales Corporation AIR 1987 SC 1603II) in which Supreme Court held that bank can escape liability only if it could establish that the client knew of the forgery.
This principle has been used time and again in Banking Cases such as the following.
https://www.lawweb.in/2012/10/banks-liability-for-phishing-fraud.html#more
