Something's phishy at Citibank
Reuters
January 13, 2004, 7:05 AM PT

Citibank on Monday warned customers not to fall for an e-mail fraud that urges them to log into a bogus Web site to verify that their accounts have not been tampered with.

It's a scam, said Mark Rodgers, a spokesman for the bank, a unit of Citigroup. Consumers have reported receiving fraudulent e-mails that appear to be from Citibank, but which are in fact sent by impostors.

It was not immediately clear how many customers received or acted upon the e-mail. The e-mail is similar to one last August when an Internet scammer threatened to close Citibank checking accounts if customers failed to divulge personal information.

Other recent fake e-mails include one from Citibank Security Department seeking account information to help the bank upgrade its computer servers, and one from Accounts Management seeking credit card information so that customers might maintain the Citibank experience.

These are examples of phishing--the use of spam, or junk e-mail, to lure people to bogus Web sites that look like those of reputable companies, and deceive them into divulging personal data. The term is derived from the act of computer thieves fishing for private data.

Many scam e-mails carry grammatical or typographical errors, or return addresses at sites such as Yahoo.com or Juno.com.

Rodgers said Citibank works aggressively with law enforcement to stop such scams. Customers receiving suspicious e-mails should notify Citibank at its Web site, where a list of known fraudulent e-mails is posted, he said.

The new e-mail, purporting to be from Citibank, said that on Jan. 10, the bank blocked some accounts connected with money laundering, credit card fraud, terrorism and check fraud activity. It said the bank sent account data to government authorities, and may have changed some accounts.

Citibank notifies all it's (sic) customers in cases of high fraud or criminal activity and asks you to check your account's balances, the e-mail said. It provides a link if you suspect or have found any fraud activity on your account.

The return address provided on a copy of the e-mail received at Reuters is citibank64541+yahoo.co.uk, with a subject line Important Fraud Alert from Citibank.

The U.S. Federal Trade Commission encourages consumers to visit its identity theft Web sites (http://www.ftc.gov/idtheft) and spam (http://www.ftc.gov/spam) to learn how to minimize the risk of loss from phishing.

Citigroup's retail banking operations had an average of $200.3 billion of customer deposits in the quarter ended Sept. 30.