Another “Phishing” Expedition

The term is “phishing.” A phony email is sent, purporting to be from a company you do business with, asking for private information. I wrote, only a few days ago, about a bogus note from Bank of America. Tonight, it’s Citibank!

Dear Citibank Account Holder,

On January 10th 2004 Citibank had to block some accounts in our system connected with money laundering, credit card fraud, terrorism and check fraud activity. The information in regards to those accounts has been passed to our correspondent banks, local, federal and international authorities.

Due to our extensive database operations some accounts may have been changed. We are asking our customers to check their checking and savings accounts if they are active or if their current balance is correct.

Citibank notifies all it’s customers in cases of high fraud or criminal activity and asks you to check your account’s balances. If you suspect or have found any fraud activity on your account please let us know by logging in at the link below.

I’m not a Citibank customer, so I knew immediately this was bogus. Even if I had missed it, Popfile called it spam. Good job!

The last time I put one of these up, McAffee Virus Scanner stopped some people from getting to my site, so I’ve eliminated the link in this one – it’s phony anyway!

Today’s phishing expedition originated with email sent from an account on wideopenwest.com, a high speed Internet service provider (like cable modem or DSL) here in the U.S. The link on the email opens a form that looks exactly like a Citibank form (in fact, it’s probably taken from their site), but it sends the posted data, including credit card and pin, to a site in Korea!

We’re rapidly approaching email meltdown! How long can commerce survive in this untrustworthy environment?

—-

01/11/04 10:38 PM – I have just reported this incident to Citibank via their weblink. I’ll let you know if they respond.

One thought on “Another “Phishing” Expedition”

Leave a Reply

Your email address will not be published. Required fields are marked *