Citibank customers hit with e-mail scam
The spoofed bank site is actually hosted by a company in Moscow
Computerworld - Citibank customers are being targeted by scam artists trying to get their confidential bank card numbers.
The scam is perpetrated via an e-mail that includes a link that apparently directs users to a Citibank Web site, where they are greeted with a pop-up box asking them for their full debit card numbers, their personal identification numbers (PIN) and their expiration dates.
The problem is the Web site customers are directed to is a fake site operated by someone trying to gain access to that information. The spoofed site is hosted by a Web hosting company in Moscow.
A Ctitibank spokesperson said the company was unaware of the latest e-mail scam, but will work with law enforcement to get the spoofed site taken down.
The New York-based company's Web site already contains information on similar scams that have targeted bank customers in recent months. Ironically, the fake site also contains that information. A similar e-mail scam targeting Citibank customers made the rounds in August (see story).
Citibank has posted the following message to customers under the heading "About e-mail fraud" at its Web site:
"Recently, our customers have reported receiving fraudulent e-mails that appear to be from Citibank, but which are, in fact, sent by impostors. How can you tell the difference? Fraudulent e-mails typically include attachments, request personal information, or both.
"When such e-mails are sent in our name, Citibank works aggressively with law enforcement agencies to investigate them."
On its own site, the bank also posts the text of the scam e-mails that it's aware of. The latest e-mail, which appeared to be making the rounds yesterday, was most likely not just sent to specific Citibank customers, but rather to thousands of e-mail users. By targeting large numbers of users, the perpetrators hope to snag some Citibank customers.
This is the text of the latest e-mail scam, which is similar to one Citibank lists as having been sent on Oct. 2: "Dear Citibank Member, This email was sent by the Citibank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM.
"This is done for your protection -n- because some of our members no longer have access to their email addresses and we must verify it. To verify your e-mail address and access your bank account, click on the link below. If nothing happens when you click on the link (or if you use AOL)W, copy and paste the link into the address barof your Web browser."
[The "-n-" and the "W" after "AOL" are included in the text of the e-mail.]
The e-mail also includes the link to the fake Citibank site.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts