Citibank Email Scam
Netlore Archive: Fraudulent email designed to steal personal information sends recipients to a real Citibank Web page but launches a phony pop-up demanding 'login' info. Beware!
Description: Email Scam
Circulating since: Jan 2004
Email example contributed by D.L., 11 Jan. 2004:
Dear Online-Citibank Mebmer,
This letter was sennt by the Citi sevrer to veerify your email adress. You must cptlmoee this pescros by clicking on the link below and enteering in the little window your Citibank ATM/Debit full Card Nummber and card pin that you use on Atm. This is donne for your poterction -L- becaurse some of our members no lnoegr have acsces to their email adsdrsees and we must verify it.
To veerify your e-mail adress and akcess your Citicards account, click on the link bellow. If ntohing hapenps when you clik on the link -z coppy and paste the link into the address bar of your web browser.
This automaitc email sent to: email@example.com
Comments: This is an example of a type of online scam known as "phishing" (defined by the Federal Trade Commission as "a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information"). If you receive an email like this, don't click on the links it contains, and for heaven's sake don't divulge any personal information if prompted.
Despite the numerous misspellings - actually a tactic commonly used by spammers to bypass email filtering software - the scam is rather cleverly constructed. The emails arrive from "spoofed" email addresses which appear to belong to legitimate Citibank employees (e.g., "firstname.lastname@example.org") but in fact belong to no one. The "verification link" in the body of the email also appears to lead to a genuine Citibank Website - and ultimately it does, but only after first touching base for a split-second at a Russian URL which launches a phony pop-up window demanding the user's debit card number, PIN and expiration date (see screen shot). Any information entered is forwarded to the scammer(s), not Citibank.
The U.S. Federal Trade Commission offers the following tips to avoid being "hooked" by a phishing scam:
- If you get an email that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the email. Instead, contact the company cited in the email using a telephone number or Web site address you know to be genuine.
- Avoid emailing personal and financial information. Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Report suspicious activity to the FTC. Send the actual spam to email@example.com. If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft Web site (www.ftc.gov/idtheft) to learn how to minimize your risk of damage from identity theft.
Sources and further reading:
- New Scam Targets Citibank Customers. IDG News Service, 12 January 2004
- Something's Phishy at Citibank. Reuters, 13 January 2004
- 'Spoofing' and 'Phishing' and Stealing Identities. About U.S. Gov Info/Resources
- 'Phishing' Scams Reel in Your Identity. CNN, 22 July 2003
- How Not to Get Hooked by a 'Phishing' Scam. Federal Trade Commission consumer alert
Last updated: 01/13/04