Search our Spoof Library...
Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

Attn: Security Update!Act Now!
4th August 2004

please forward any scams you've received to spoof@millersmiles.co.uk

Report Summary
Date Reported
4th August 2004
Apparent Sender
Citi
Return Address
Citibank Support <citisafe@citibank.com>
Subject
Attn: Security Update!Act Now!
Format
HTML
Method

Submitted form data on spoof webpage is forwarded to a local script.

Bogus Web Content?
Yes
URL of web content

http://222.223.128.32/confirm/

Traced to a server in Peking, China

RISK LEVEL
MEDIUM
WARNINGS

1. The spoof email pretends to be from Citibank requesting verification of account details by clicking on a link. Link opens spoof Citi page where submitted details are forwarded to a local script.

2. Citi NEVER send out emails requesting details from users.

3. Real Citi home page is opened by a script in the background to provide an authentic looking backdrop to the fake page.

4. Spoof page claims to use 128-Bit encryption and displays a padlock symbol but no encryption is used.

 

"Dear Citibank Customer , We recently noticed one or more attempts to log in to your Citibank account from a foreign IP address and we have reasons to believe that there was attempts to compromise it with brute forcing your PIN number"...

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.

 

The Spoof Email ...

Dear Citibank Customer ,

We recently noticed one or more attempts to log in to your Citibank
account from a foreign IP address and we have reasons to believe that
there was attempts to compromise it with brute forcing your PIN number.
No successful login was detected and you have full protection by now.
If you recently accessed your account while travelling, the unusual login
attempts may have been initiated by you.

The login attempt was made from:
IP address: 193.07.287.024
ISP Host: cache-824.proxyserver.cis.com

By now, we used many techniques to verify the accuracy of the
information our users provide us when they register on the Site.
However, because user verification on the Internet is difficult, Citibank
cannot and does not confirm each user's purported identity. Thus, we
have established an offline verification system to help you evaluate with
whom you are dealing with. The system is called CitiSafe and it's
the most secure Citibank wallet so far.

If you are the rightful holder of the account, click the link bellow, fill
the form and then submit as we will verify your identity and register you
to CitiSafe free of charge. This way you are fully protected from fraudulent
activity on all the accounts that you have with us.

To make Citibank.com the most secure site, every user will be
registered to CitiSafe.

NOTE! If you choose to ignore our request, you leave us no choice but to
temporally suspend your account.

* Please do not respond to this e-mail, as your reply will not be received.

Regards, Citibank Customer Support

 


The Spoof Webpage...



Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...
 

Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...

Email Alerts
Add your email address to our email alert service...
Subscribe

Privacy Policy

RSS News Feed
Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!).
Scam Alert News Feed

You can even put the latest alerts on your own web site.

Click here to learn more about RSS News Feeds and our Scam Alert Service!

Resources links - use one of the links below to access more information on Spoof Email & Phishing Scams.

Library of Spoof Email Phishing Scams

Brief guide to Phishing

Full article on spoof email scams

Spoof URL Checker

Link Checker

Browser URL Spoofing Vulnerability Check

Latest browser bug aids Phishing Scams - beware!

Destinations - other resources available on the MillerSmiles.co.uk web site.

Click the arrow to return to previous page

Home

Guides...

Book Terminology

How to identify a first edition book

Auction Watcher

List of the main Auction Sites world wide