The German Federal Court of Justice in the southwestern city of Karlsruhe said on Tuesday that clients, and not banks, are responsible for money lost in online phishing scams.

The country’s highest civil court ruled that in the case of a German retiree who lost €5,000 ($6,608) in a bank transfer fraudulently sent to Greece, the man was negligent, and was therefore liable to pay the amount lost. In 2010, Germany’s Federal Criminal Police Office (BKA), received over 5,000 reports of phishing, a huge rise over the previous year.

According to the The Local, an English-language German news site, the incident involved an occasion when the man entered 10 transaction numbers, also known as TAN codes, which are commonly used in German banks. The codes are used as a way to verify that a given online transaction is accurate, and can be looked up on a printed sheet of paper, or sent by SMS, or can also be generated by a small electronic device.

However, the man entered his TAN codes onto a website designed to look like his bank’s site, Sparda Bank. The court ruled that the bank was not liable, as it had specifically provided warnings to its customers against this practice.

"The plaintiff argued that the bank had a duty to protect its customers from the abuse of these codes," The Local reported. "But the federal court upheld previous judgements by the district and state courts, agreeing with the bank’s argument that the customer should bear responsibility for falling for the con."

The site added that Sparda Bank said it was "widely known" that being asked to input multiple TAN codes was a sure sign of phishing.