Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

New scam pretending to be Citibank, asking for account information...

From: Dave Farber <dave () farber net>
Date: Wed, 25 Feb 2004 10:35:00 -0400

-----Original Message-----
From: "Eric J. Glover" <eric () ericglover com>
Date: Wed, 25 Feb 2004 09:26:57 
To:dave () farber net, sanjay Palnitkar <sanjay () nec-labs com>,       frisbee2 () yahoogroups com
Subject: New scam pretending to be Citibank, asking for account information...

Within a few days after signing up for e-mail alerts from Citibank 
(probably not related, but who knows), I received an e-mail asking me to 
go to citibank's site and confirm my e-mail by entering various account 
and related information.

Normally these "scams" are totaly obvious since they send you to some 
other site - however this one attempted to mask their actual URL, by 
using anchortext with a domain of citibank.com. A snippet from the 
e-mail is below:

I wanted to send this e-mail for three reasons:
#1: To restate the importance of NEVER EVER EVER EVER provide your 
account information of any kind to a website! If you need it you can 
call the company at the number on your card or bill - do not call 
numbers found from e-mail (or from a website you have not taken from 
bookmarks) and confirm they really need that information.

#2: Emphasize that since e-mail has ZERO security, it is like sending a 
postcard written in cheap pencil through an untrusted mail carrier, most 
e-mails are actually scams! If you are uncertain ignore it - if you are 
advanced, examining the headers may reveal the true identity - which in 
this case appears to have been the HOME computer of someone who used 
Comcast cable in New Haven, CT.

#3: I wanted to know to which government agencies I can report this, 
since the FBI site tries very hard to prevent you from contacting them 
electronically.

I have already notified Citibank (well attempted to), knowing them, they 
will probably ignore the info - I might send updates.

----------------------

To verify your E-mail address and access your bank account,
click on the link below:
https://web.da-us.citibank.com/signin/citifi/scripts/email_verifyjsp
-----------------------

Clicking on the above in the scam e-mail would send you to:

192.192.230.48/scripts/email_verify.htm

Later,
Eric


-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: