It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


Banks, Businesses, Viruses and the UCC

page: 1

log in


posted on Apr, 6 2010 @ 10:43 PM
This is an old piece that I ran across... but it seems to me that the information is important to those who don't often consider the impact of the UCC in their lives....

Small business owner's take note... your PC's could be a devastating financial liability... especially since the banks and the legal system worshipthe UCC.

There’s an interesting post over at Krebs On Security talking about some poor company that is going bankrupt because TD Bank allegedly will not give them their money back after it was stolen out of their account. Now, I wish I could say this concept is totally foreign to me, but unfortunately this isn’t the first time I’ve heard this story. I’m under NDAs not to describe the people involved, or the bank involved, but the important details are nearly identical to this story. Why is this happening?

There is a little known code call the UCC (Uniform Commercial Code) that essentially says that if you are a business and you want to do wire transfers you are essentially to be treated as a bank. You are probably wincing right now, because it’s just as stupid as it sounds. Note that this is not true for consumers - but even if your business consists of even one person, you still are treated as a bank.

This is just a blogger's account, but the text is worth the read, and some of the comments are sterling....

Sounds exactly right. I’m now pentesting full time in support of bank auditors, and doing a bit of incident reponse. We’re seeing this all of the time–banks claiming that the customer was loose with their login credentials, and so it’s not the bank’s fault. The perfect storm is, with AV only catching ~25% of variants, together w/drive-by download attacks infecting users, many more PCs are infected than we realize. Zeus and other sophisticated bots have killed the effectiveness of any two-factor authentication on infected machines through man-in-the-middle capabilities.

After speaking with all of my financial institutions about this, I have decided to buy a bigger mattress for my business accounts–none of them will accept responsibility for the integrity of my funds.

[edit on 6-4-2010 by Maxmars]

new topics

log in