By Andy McCue, 1 September 2003 16:14
A new spoofed Citibank spam email is doing the rounds in an attempt to part unwitting victims from their credit card details, PIN number and email account details.

Citibank warned customers last month about a spam email scam that informed recipients their Citibank account would be suspended unless they accepted new terms and conditions. A link in the email directed them to a fake, but convincing, Citibank website that requested the customer's name and bank card details.

Citibank took the unusual step of issuing a statement to all its customers saying: "Although the e-mail appears to come from Citibank regarding 'Your Checking Account at Citibank,' it does not, and Citibank is in no way involved in the distribution of this e-mail."

But one silicon.com reader, Remo Cornali from Italy, has forwarded on a new fraudulent Citibank scam, which has begun to spread over the weekend. It uses a new twist on the traditional 'phishing' technique of spamming thousands of users with a scam email that links people to a fake banking website to steal their personal and financial details. Instead, it says the person has received a payment of $217 via Citibank's online wire service, c2it.com.

One giveaway that all might not be as it seems, however, is the appalling spelling and grammar. The email seen by silicon.com said: "Your email is not registred [sic] with us, you need to setup [an] account with us and verify your identity. Please fill this form to be enrolled to c2it.com service. Once you register, the money will appear in your c2it's account balance in your overview page. You can withraw [sic] the outstanding balance to your credit or debt [sic] card's bank account."

As ever, there is a twist, and anyone foolish enough to enter their details can probably expect their card to be cleaned out fairly swiftly and their email account used for further scams. Cornali said the server set up to collect the financial details is in South Korea.

Chris McNab, technical director of security consultancy Matta, said spoofing is easy because of the inherent insecurity of messaging and internet protocols and that user education and the use of spam filters are the only ways to combat this type of scam. "The only way to mitigate that risk is to teach users to be more vigilant. You should never be asked for credit card details by email. And I'm pretty sure a good spam filter would stop many of these messages," he said.

A spokeswoman for Citigroup said the company is working with law enforcement to investigate the email fraud and have the fake site shut down, and warned customers not to be fooled into giving out their account details. "Citibank does not ask customers to provide sensitive details in this way. We believe no customer information or systems have been compromised," she said.

Comments
There are 15 comments.
1. Marcia A. Fayard
I received one of these e-mails on 1/12/2004. I really think that something should be done immediately to stop banking fraud on line because people will be even more scared to use their on line banking and purchasing of goods online. I think it would be in everyone's best interest to find these people ASAP and prosecute them.
2. anonymous
eBay seems to be the object of persecution for this c2it scam. I filled in scam info to trace the eBay file. It led me to this service which has been disconnected. Well, all's well that ends well.
3. cecil brown
I received one too a couple of weeks ago. I was suspicious so I sent them a fake account number. Now when I go to the link, it is some type of link to a Russian web site.
4. 419buster
If you believe that no one would fall for this, think again. Another scam, the Nigerian Advanced fee Fraud Scam, noted as 4-1-9 by the applicable Nigerian law, had bilked over $5 billion by 1996. Lord knows what the total is up to now. P.T. Barnum was right.
Normally logical people that would raise eyebrows when hearing this stuff in real life seem to believe ANYTHING when read on the net.
5. Robert Ballantyne
Received this email today:
To Vverification_of _your_ Email adderss_ click on the-link :
http://go.msn.com/HML/6/5.asp?target=H%54%54P:%2F/slhk5dsdh%2E%44%41%2E%72%75%2f?n2775bp43ESpn08THainQ3Dsdto4pl39d
and enter on the |itt|e _window _your_ _Citibank D_e_b_i_t_ full card-nummber
and ~PIN~
that _you use on_the Atm machine...
N2i6av2q51 3bdw92a3 21av4nv 8xv0m b 6rc20xg0p97z a0bX3wd
from _CITI_G r o u p s_Email <SelcukNorndon@ecall.com>
6. anonymous
I'm not a citibank client, but I have now received 3 emails (the latest today), purporting to come from their admin dept, stating that they are in the process of updating their accounts system and need to verify customers' personal details. They request user names, passwords, credit card details, security numbers and all other relevant information to enable them to clean out the accounts.
7. anonymous
Received one today asking for credit card number and pin number.
5th May 2004
8. Dr. Arcane
I've been getting around two or three of these types of emails every week for months. They seem to be targeted at all banks and credit card companies as well as eBay and PayPal. They also seem to be from different 'gangs' as the quality of the email varies as does the spelling and grammar. Some are clearly frauds but a few are very convincing and it is easy to see how some of the more naive recipients can be fooled.
9. anonymous
Just received one today stating that this was sent by citbank server. They ask to click on a link and enter your debitcard & pin# that you use on ATM. They can't even spell.
10. anonymous
As a potential new customer, still awaiting the necessary paperwork to sign, I find it hard to believe that my application has found its way to a spam site before I've even been accepted as a customer. This has all the stink of there being a cavernous hole in this company's security and computer system.
11. anonymous
This sort of email scam is still floating around; I have received one today. It does seem very convincing as the website it directs you to is citibank.com/signing/scripts etc.
12. anonymous
I have received one of these emails and am not a Citibank customer. True, I have used my credit card to withdraw cash from my own bank at a cash machine "hosted" by Citibank. That means that the spammer has penetrated sufficiently deep into the technical links between the two banks to find my email address!
13. anonymous
I received one on 28 August 2004, but it is a bit different from what you describe. I'll keep it for a while in case you would like a copy. The recent upgrades to Norton Anti Spam cause email systems to crash so I had to switch it off, and now get masses of spam.
14. anonymous
I am not a CitiBank customer but I have received two emails asking to update my details. I have not been to the site so I am unsure of what they ask exactly.
15. anonymous
I have received one of the "citibank" emails asking for my details today 14th October 2004, regardless of the fact that I do not have a citibank account.
It asks for my account number, date of birth and pin number!