Search our Spoof Library...
Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

Citibank Email Verification
23rd April 2004

please forward any scams you've received to spoof@millersmiles.co.uk

 

Report Summary
Date Reported
first reported 17th April 2004
Apparent Sender
Citibank
Return Address
"Trailer V. Avows" <CITI_Bank~User@kyokofukada.net>
Subject
CITIbank EMAIL Verificaation
Format
HTML
Method
disguised link leads to bogus web content
Bogus Web Content?
Yes
URL of web content
various URLs are passed through to reach the forged pop up window which arrives in front of a genuine Citibank page but the URL of the forged pop up is http://lo409fds.nm.ru/welcome3.html
RISK LEVEL
Medium
WARNINGS

1. Employs script to open the genuine citibank.com home page as a backdrop to the bogus pop up style window.
2. Quite a complex means of presenting the two browser windows, using multiple domains to redirect and open each window.

 

An incredibly poor representation of a forged Citibank email but a complex approach to delivering forged content made to look more realistic by involving a genuine Citibank web page ...

 

This forged Citibank email really is very poor quality just by virtue of its terrible spelling. The link is of-course disguised using HTML code and will lead your browser into a complex 'adventure' where it will visit around 5 different domains before opening two windows ... The first window (largest - see below) opens the genuine citibank.com home page, and the second window comes in the form of what appears to be a pop up triggered by the genuine citibank page. This is not the case though, and the two windows are independent. The only relation they have is that the pages opened prior to them were scripted or coded to open those pages separately.

Our purpose in publishing this particular example is the complex nature of delivering the forged content.

Form data (in the pop up style window) is captured by a PHP script located on the same server as itself.

 

The Spoof Email ...

To _verificcation_of your _e-mail_ adress click on_the link :

and_enter_ in the_ sma|| winddow _your_
Citi_group D_e_b_i_t_ _full_card_nummber_ and card pin
that you_use on_the local Atm machine.

mLA5 VA 43Q3o6

 

The bogus web page ...

Citibank Email Verification Citibank Email Verification Citibank Email Verification Citibank Email Verification
Citibank Email Verification Citibank Email Verification Citibank Email Verification Citibank Email Verification
Citibank Email Verification Citibank Email Verification Citibank Email Verification Citibank Email Verification
Citibank Email Verification Citibank Email Verification Citibank Email Verification Citibank Email Verification
Citibank Email Verification Citibank Email Verification Citibank Email Verification Citibank Email Verification

 

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.

 

Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...
 

Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...

Email Alerts
Add your email address to our email alert service...
Subscribe

Privacy Policy

RSS News Feed
Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!).
Scam Alert News Feed

You can even put the latest alerts on your own web site.

Click here to learn more about RSS News Feeds and our Scam Alert Service!

Resources links - use one of the links below to access more information on Spoof Email & Phishing Scams.

Library of Spoof Email Phishing Scams

Brief guide to Phishing

Full article on spoof email scams

Spoof URL Checker

Link Checker

Browser URL Spoofing Vulnerability Check

Latest browser bug aids Phishing Scams - beware!

Destinations - other resources available on the MillerSmiles.co.uk web site.

Click the arrow to return to previous page

Home

Guides...

Book Terminology

How to identify a first edition book

Auction Watcher

List of the main Auction Sites world wide