mortgage investments.com

Phishing Samples

Citibank

Below is an email that we received.

Note how it appears to come from Citibank and appears to go to a secure link at Citibank..

THE FOLLOWING IS A FRAUD EMAIL

Subject: Verify your E-mail with Citibank

This email was sent by the Citibank server to verify your E-mail
address. You must complete this process by clicking on the link
below and entering in the small window your Citibank ATM/Debit
Card number and PIN that you use on ATM.


This is done for your protection - because some of our members
no longer have access to their email addresses and we must
verify it.


To verify your E-mail address and access your bank account,
click on the link below:

https://web.da-us.citibank.com/signin/citifi/scripts/email_verify.jsp

---------------------------------------

Thank you for using Citibank

The link however goes to a non-secure site at:

http://www.securecitibank.us

We tried to click on the link but as at March 29, 2004, the page and web site appears to be disabled. This could be an indication of complaints resulting in the site being shut down.

We checked who owned this site and here is the information from WhoIs:

We're not sure what relationship, if any, Mr. Wayne Stanford has with CitiBank. But one can certainly conclude that CitiBank themselves do not own this site.

fraud citibank

Another sample with Citibank

This one ends up at http://218.62.39.59, which is a site in the Orient!

This email is especially crafty. We have disabled the link.

Content-Type: text/html;

 

Recently there have been a large number of identity theft attempts targeting Citibank customers. In order to safeguard your account, we require that you update your Citibank ATM/Debit card PIN.

This update is requested of you as a precautionary measure against fraud. Please note that we have no particular indications that your details have been compromised in any way.

This process is mandatory, and if not completed within the nearest time your account may be subject to temporary suspension.

To securely update your Citibank ATM/Debit card PIN please go to:

https://www.citibank.com/signin/citifi/scripts/login2/update_pin.jsp

Please note that this update applies to your Citibank ATM/Debit card - which is linked directly to your checking account, not Citibank credit cards.

Thank you for your prompt attention to this matter and thank you for using Citibank!

Regards,

Riley Buckner
Head of Citi® Identity Theft Solutions

citibank identity theft
Copyright © 2004 Citicorp. All rights reserved.
Do not reply to this email as it is an unmonitored alias.

ozmpjdyvexo utcbt vuqr znrwvsowwvi

Now this is the page it goes to when you click on it. As you can see, a GENUINE CitiBank page is being forced to pop-up behind the scam one. The scam one of course conceals the fact that it is really somewhere in the Orient!

sample of Citibank phishing

To prevent being victim to this type of scam, always go to the home page of the company, in this case, www.citibank.com.

[Home] [Credit reports] [Understand Credit Report] [What does your FICO score mean?] [Frequently asked questions] [Sample credit report] [Computer security] [Identity theft] [Credit report permission law] [Protecting your credit rights] [Landlords complying with FCRA] [Phishing Scam] [Bank Fraud ACH] [Misleading check trick] [Nigerian money transfer scam] [Kenya religious fraud] [Email fraud supposedly from bank]