Italics are for emphasis only and are not part of the original phishing email.
- Subject: Citibank Identity Theft Solutions
Recently there have been a large number of identity theft attempts targeting Citibank customers. In order to safeguard your account, we require that you update your Citibank ATM/Debit card PIN.
This update is requested of you as a precautionary measure against fraud. Please note that we have no particular indications that your details have been compromised in any way.
This process is mandatory, and if not completed within the nearest time your account may be subject to temporary suspension.
To securely update your Citibank ATM/Debit card PIN please go to:
Please note that this update applies to your Citibank ATM/Debit card - which is linked directly to your checking account, not Citibank credit cards.
Thank you for your prompt attention to this matter and thank you for using Citibank!
Head of Citi® Identity Theft Solutions
Copyright © 2004 Citicorp. All rights reserved.
Do not reply to this email as it is an unmonitored alias.
In the email, the above link actually points to http://126.96.36.199/verify/citipop.htm, a website in China that is hosted by Chinanet. To determine how to distinguish between a displayed link and the target link, see Ferreting out a fake.
Another phishing email reads:
- Dear Citibank Member,
This email was sent by the Citibank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection -I- because some of our members no longer have access to their email addresses and we must verify it.
To verify your e-mail address and access your bank account, click on the link below. If nothing happens when you click on the link (or if you use AOL)p, copy and paste the link into the address bar of your web browser.
Financial information should never be divulged based on an email message. Call your bank to confirm or visit the real website by physically typing in the URL you typically visit to conduct online business with the financial institution.
If you suspect you've received a Citibank phishing email, you can report it at http://www.citi.com/domain/spoof/report_abuse.htm.