ICICI Bank has been fined with Rs. 12.85 lakh on account of a phishing fraud. This has been the first case filed under the Information Technology Act. Tamil Nadu IT secretary on Monday directed ICICI Bank to pay Rs 12.85 lakh to an Abu Dhabi-based NRI within 60 days for the loss suffered by him due to a phishing fraud.
Phishing scam is the most common type of internet fraud in which the scammer acquired personal information of the customer using false emails and duplicate websites.
The compensation to be provided by the bank includes loss that has been suffered by the customer, his travel expenses and the financial loss that has been incurred on account of "complete lack of involvement of the respondent bank," said TN IT secretary PWC Davidar in his order.
The petition was filed by Umashankar Sivasubramaniam, who had received a mail in September 2007 from the bank which asked him to provide his username and password or his account would be closed.
After the reply to this mail he witnessed a transfer of Rs 6.46 lakh from his account to that of a company which withdrew Rs 4.6 lakh from an ICICI branch in Mumbai and retained the balance in its account.
ICICI defends itself saying that it is the responsibility of the customer to be conscious while giving out any kind of personal information on the web. Internet banking needs to be done very carefully after full scrutiny by the customer. Internet banking is not a risky proposition if the customer is conscious enough.
"Customers are fully apprised on security aspects of internet banking through various channels. We reassure that our security systems are continuously audited and neither the security nor our processes have been breached," said a bank spokeperson.
The bank said it will appeal the order. "ICICI Bank endeavors to offer world-class service to its customers. Today, we have hundreds types of transactions, which can be completed online without having to walk into a branch. We strive for convenience and safety of our customers and uninterrupted availability of our services through self-service channels. We also continuously upgrade our systems and technology to ensure that our customers get the best experience and a safe environment while transacting online," the spokes person said.
However, techno-legal consultant Na Vijayashankar, said, "Phishing fraud is very common but banks are not accepting the liabilities. Such a ruling will set a good precedent."