The judicial decision, issued by a Granada Court of First Instance, emphasizes that the customer did not commit gross negligence, as the deception presented an "evident verisimilitude" that led them to believe they were interacting with their own bank. The fraudsters managed to access the victim's personal data, using it to apply for a loan of 14,900 euros and two others of 5,000 and 1,250 euros, respectively.
“"This initial impression of legitimacy —both due to the SMS identification and the phone number— is sufficient not to raise immediate suspicions; even more so when the fraudster knows data that, in the opinion of an average citizen, can only be handled by banking operators."
Lawyer Javier López y García de la Serrana, director of the HispaColex law firm and the client's legal representative, explained to the Europa Press agency that this case is unique, as such frauds rarely involve taking out loans in the victim's name. The defense argued that, despite the client's due diligence, the fraud was unavoidable due to the bank's insufficient security measures.
The banking entity, for its part, maintained that it complies with all transparency and protection requirements, and that the operations were duly authorized, attributing responsibility to the client's "gross negligence." However, the magistrate of Court No. 6 of the Civil Section of the Granada Court of Instance dismissed this claim, considering that the SMS message and the initial call, originating from Madrid and using an official bank number, created an appearance of legitimacy that made it difficult to detect the fraud.
