Bugtraq mailing list archives
Re: FW: Abuse report email for CitiBank/CitiCards?
From: "Jim Gonzalez" <gonzj () dslinmaryland com>
Date: Mon, 12 Jan 2004 16:41:40 -0500
I just received this a few hours ago not sure if it is legit. Here is the header info if someone would like to invesigate. Seems like the like is down already. Jim Gonzalez Return-Path: <Royce_Witte () aol com> Received: from charter.com (gateway-system.cpe.leeds.al.charter.com [68.117.191.116]) by kabe.impactbusiness.com (8.12.9/8.12.9) with SMTP id i0C7n4iJ045950 for <daemon () ttmi com>; Mon, 12 Jan 2004 02:49:06 -0500 (EST) (envelope-from Royce_Witte () aol com) Received: from gateway-system.cpe.leeds.al.charter.com (gateway-system.cpe.leeds.al.charter.com [68.117.191.116]) by charter.com (8.12.8p1/8.12.8) with ESMTP id tkxer49024 for <daemon () ttmi com>; Mon, 12 Jan 2004 07:41:20 -0400 (EST) Date: Mon, 12 Jan 2004 07:41:18 -0400 (EST) From: Citibank <citibank124 () aol com> X-Mailer: The Bat! (v1.61) Personal Reply-To: Royce_Witte () aol com X-Priority: 3 (Normal) Message-ID: <0396188460.47569226428824 () aol com> To: daemon () ttmi com Subject: Important Fraud Alert from Citibank MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----------92223519829" X-UIDL: 9G/"!]o,"!Wp4!!^T+"! ------------92223519829 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: base64 Email Dear Citibank Account Holder, On January 10th 2004 Citibank had to block some accounts in our system connected with money laundering, credit card fraud, terrorism and check fraud activity. The information in regards to those accounts has been passed to our correspondent banks, local, federal and international authorities. Due to our extensive database operations some accounts may have been changed. We are asking our customers to check their checking and savings accounts if they are active or if their current balance is correct. Citibank notifies all it's customers in cases of high fraud or criminal activity and asks you to check your account's balances. If you suspect or have found any fraud activity on your account please let us know by logging in at the link below. https://citibank.com/signin/citifi/scripts/login2/login.htm ----- Original Message ----- From: "Nicholas Weaver" <nweaver () CS berkeley edu> To: "Sullivan, Barbra A" <barbra.a.sullivan () citigroup com> Cc: <bugtraq () securityfocus com> Sent: Monday, January 12, 2004 5:26 PM Subject: Re: FW: Abuse report email for CitiBank/CitiCards?
On Mon, Jan 12, 2004 at 01:52:01PM -0500, Sullivan, Barbra A composed:All, To report such issues for Citibank or Citicards, please refer to the
about email fraud link on www.citibank.com or www.citi.com.
Having used those links in the past and gotten a black hole (no ack, and no way to really include header information and similar material, for a phishing variant which was not listed among the known variants, and included compromised site information), there really needs to be a better way. As mentioned, I got better luck from the hosting firm, but that's still not very satisfactory. -- Nicholas C. Weaver nweaver () cs berkeley edu
Current thread:
- Abuse report email for CitiBank/CitiCards? winstrel (Jan 12)
- Re: Abuse report email for CitiBank/CitiCards? Nicholas Weaver (Jan 12)
- <Possible follow-ups>
- FW: Abuse report email for CitiBank/CitiCards? Sullivan, Barbra A (Jan 12)
- Re: FW: Abuse report email for CitiBank/CitiCards? Nicholas Weaver (Jan 12)
- Re: FW: Abuse report email for CitiBank/CitiCards? Jim Gonzalez (Jan 13)
- How to track a Phisher... Re: FW: Abuse report email for CitiBank/CitiCards? Nicholas Weaver (Jan 13)
- Re: FW: Abuse report email for CitiBank/CitiCards? Nicholas Weaver (Jan 12)
- RE: Abuse report email for CitiBank/CitiCards? Lance James (Jan 13)