The lengths banks go to in order to keep customers in the dark on online banking fraud is revealed in a Sunday Times report. Typically, it notes, banks withhold from fraud victims the names and identity numbers of the account holders who received their stolen money and sometimes the forensic report by the bank ostensibly supporting the bank's allegation the client fell for a phishing attack. Banks have also been known to refuse to disclose log entries and IP addresses of the computers from which transfers out of the plundered accounts were made. Lawyers representing victims of fraud have argued that their clients are entitled to this information and that by refusing to provide it, banks hamper victims' understanding of what may have occurred and whether they were negligent as alleged by the bank, as well as efforts to identify the culprits and recover their money. When the banks do oblige, it tends to be only after they've been issued with a subpoena or High Court order. But it is often beyond the customer's resources to go to court and, as pointed out by an attorney who has assisted victims of fraud, ‘some banks, it seems as an active strategy, rely on customers not having the relevant information to pursue their claims, in the knowledge that this insulates them from claims as customers cannot afford the high cost of litigation to force them to provide the information’.