The Aim of this study is to discuss the risk distribution in the case of abusive account transactions by third person in Online-Banking. In the first part, this study analyzes legal relationship between the participant in the credit transfer and various forms of abusive account transactions by third person in Online-Banking, such as Internet attacks e.g., Phishing, Pharming and Man-in-the-middle attack. With regard to the issue of the risk distribution in event of abusive account transactions by third person, this study get the following conclusions: 1. The first paragraph of Art. 546 Civil Code in mandate relationship can be regarded as the principle of risk distribute. 2. In contrast to practical opinion Art. 310(2) Civil Code is to be applied strictly. 3. When the account owner, who participates in Online-Banking transactions, violates the collateral obligation, the bank is entitled to claim damages. In the last place, this study points out a number of legislation suggestions.