Banking & Finance Law Report

Tag Archives: consumer protection

Consumer Privacy After Dodd-Frank: What Bankers Need to Know

Bankers and other financial product and service providers should expect to provide their consumer customers with far greater access to information than ever before.

The financial reform law adopted last year, known as the Dodd-Frank Wall Street Reform and Consumer Protection Act, established a new financial regulatory agency known as the Consumer Financial Protection Bureau. Under Dodd-Frank, the CFPB has the authority to promulgate regulations governing the credit agency reporting practices of financial institutions, including community banks. Also, under Dodd-Frank, banks must make available to each consumer all information regarding a financial product or service such consumer has purchased, including transaction history, cost, and usage information. All of this must be made available in an electronic, usable format, which will be prescribed and overseen by the CFPB.

The CFPB will now have authority to promulgate rules related to privacy and data security under the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the Right to Financial Privacy Act and the Financial Privacy Act. Under Dodd-Frank, the CFPB is authorized to promulgate rules “identifying as unlawful, unfair, deceptive, or abusive acts or practices in connection with any transaction with a consumer for a consumer financial product or service.” The portion of CFPB …

New Data Breach Strategy Uses Banks and Telephone

Is your phone ringing off the hook? Then you’d better check your bank account. According to the Federal Bureau of Investigation, a new “telephone denial-of-service” attack is combining high-tech and low-tech fraud techniques to steal money from the bank accounts of unsuspecting victims.

As reported in the alert issued by the FBI, the scam begins with the suspect obtaining a victim’s personal and banking information, perhaps including bank account numbers, PINs, and passwords. Scammer can obtain a victim’s personal and banking information in a variety of ways, such as through phishing emails, social engineering tactics, or malware surreptitiously installed on a person’s computer.

Once the scammers have the victim’s personal information, they begin tying up the victim’s telephone line by using automated resources to place hundreds or thousands of calls to the victim’s telephone, not unlike a Distributed Denial of Service attack aimed at a computer network that overwhelms a computer with requests for information resulting in a slowing or failure of the network.

While the victim is busy dealing with the onslaught of telephone calls, the scammers quickly drain the victim’s bank account using the previously obtained personal and banking information to gain access to the account. If …