Recent Citibank scam email.

header

From Citibank Alert Tue Dec 9 14:08:05 2008
Return-Path: <[email protected]>
Authentication-Results: mta208.mail.re3.yahoo.com from=citicards.com; domainkeys=neutral (no sig)
Received: from 198.82.162.130 (EHLO ELROS.vcom.vt.edu) (198.82.162.130)
by mta208.mail.re3.yahoo.com with SMTP; Tue, 09 Dec 2008 14:18:01 -0800
Received: from User ([213.166.204.114]) by ELROS.vcom.vt.edu with Microsoft SMTPSVC(6.0.3790.3959);
Tue, 9 Dec 2008 17:08:05 -0500
Reply-To: <[email protected]>
From: "Citibank Alert"<[email protected]>
Subject: Alert: Verify Your Account Ownership
Date: Tue, 9 Dec 2008 23:08:05 +0100
MIME-Version: 1.0
Content-Type: text/html;
charset="utf-7"
Content-Transfer-Encoding: 7bit
Bcc:
Return-Path: [email protected]
Message-ID: <[email protected]>
Content-Length: 3221

I smell England.
I smell France.
I smell your underpants.

France is the lucky winner of todays Scam email.




--------------------------------------------------------------------------------



Our system indicates you had problems logging on to your account recently. After three unsuccessful attempts to access your account, your Citi Account Online Profile has been locked. This has been done to secure your accounts and to protect your private information. Citi Cards is committed to making sure that your online transactions are secure. Reactivate account to view current account activity:



Citicards.com
Online Customer Service
Copyright ©2008 Citigroup



--------------------------------------------------------------------------------

Protect yourself from fraud and identity theft. To learn more, go to Opt-in, Opt-out [email protected]
http://www.citibank.com/privacy_security/ fraud_prevention/

Thank you for posting

it seems our fake site killers will need to wait a bit longer for time to scratch themselves

I will pass the details on to somebody who can deal with it

Ralph is pretty busy and I've been in contact with one of the site killers on his behalf. They told me that this looks like a phishing scam email.

Citicards.com is a legitimate domain owned by Citibank.

I was told that the original email probably had a link asking the recipient to do something like "Click here to reactivate your account" - the link would probably have taken the recipient to a fake Citibank website that would ask for all their account details, including passwords. Once the details had been entered, the fraudster would have been able to access the money in the account.

Alternatively the fake site could have tried to download some malware onto the recipient's computer.

These sorts of emails are sent out in the millions hoping that some of the recipients happen to have a Citibank account (there are others targeting all of the major banking institutions) and that a few customers will be taken in and click on the link, then fill in their details.

These phishing emails will not address the customer by name, as millions of people receive the same email - this is often a good sign of a scam

The best way to deal with it is simply to delete it. Or you could report the email to the bank concerned (if you go to any legitimate bank website, they will have link somewhere that talks about security and has a link or email where you can send phishing emails. They will deal with the fake sites very quickly. Or you can go here http://www.antiphishing.org/ and click on the "Report phishing - click here" button

No legitimate bank will email you and ask you to fill in your security details on a form. If you are in doubt, contact you bank by phoning them, or visiting the website URL given on your credit vcard or bank statement (do NOT follow any links in any emails you receive - they could be fake)

Unfortunately it is not possible to trace the senders of these phishing emails as they mask their details and often send via compromised computers (or "bots") - which it is why it is important to keep your computer up to date with the latest security fixes and always have a good anti-virus and anti-malware program installed

For more information on phishing, go here http://education.apwg.org/r/en/index.html, http://www.webopedia.com/TERM/p/phishing.html or http://en.wikipedia.org/wiki/Phishing

Thanks for posting and I hope this helped