Well, one would have thought that the banks were at the top of the security game to avoid unnecessary losses. It seems that the last scam targeted banks quite successfully. Arguably, citybank did not lose the money because at the end, the money was not transfered. However, the reason for not doing so was a mere technicality. The fact that the bank believed the fraudsters and undertook all the steps necessary to send the money demonstrates that the false representation worked very well!
"DEAR CITIBANK: I WOULD LIKE REQUEST TO YOU HELP IN SECURING 27 MILLION DOLLARS US" (TechDirt, 23 February 2009)
No less reassuring although banks are not necessarily the culprits: "Researcher demonstrates SSL attack" (ZDNet.co.uk, 20 February 2009)
Similarly, the following post shows that banks and firms continue to integrate into their inevitable losses the cost of cybercrime/cyberfraud. Maybe it's time to wake up and be a bit more proactive? Or maybe consumers should be better informed and go on strike? After all, the banks seem to be the only business those days that can think that they can loose money and still get the taxpayer/consumer to pay for their debt and for their bonus.
"Making Credit-Card Payments More Secure By Making Breaches More Expensive" (TechDirt, 4 March 2009)