Anti-Phishing: Citibank Security Update

Summary 
Email title: ‘Citibank Security Update’ 
Scam target: Citibank customers  
Email format: A HTML email  
Sender: citibank.com <csupport6@citibank.com>
Sender spoofed? Yes 
Scam call to action: “Due to technical update we recommend you to
reactivate your account.” 
Scam goal: Getting victim’s Citibank website account/password and ATM PIN 
Call to action format: URL link  
Visible link: http://web.da-us.citibank.com 
Called link : http://citibank-validate.info/
Resolved site:  http://citibank-validate.info/, along with http://www.citibank.com (the legitimate Citibank site)

http://www.antiphishing.org/phishing_archive/29-04-04_Citibank_(Citibank_Security_Update).html

Leave a Reply