Summary
Email title: ‘Citibank Security Update’
Scam target: Citibank customers
Email format: A HTML email
Sender: citibank.com <csupport6@citibank.com>
Sender spoofed? Yes
Scam call to action: “Due to technical update we recommend you to
reactivate your account.”
Scam goal: Getting victim’s Citibank website account/password and ATM PIN
Call to action format: URL link
Visible link: http://web.da-us.citibank.com
Called link : http://citibank-validate.info/
Resolved site: http://citibank-validate.info/, along with http://www.citibank.com (the legitimate Citibank site)
http://www.antiphishing.org/phishing_archive/29-04-04_Citibank_(Citibank_Security_Update).html