Rooster_Ties Posted December 6, 2003 Report Posted December 6, 2003 Got this in the old e-mail just now... Quote Dear Citibank Member, This email was sent by the Citibank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection -- because some of our members no longer have access to their email addresses and we must verify it. To verify your e-mail address and access your bank account, click on the link below. If nothing happens when you click on the link (or if you use AOL), copy and paste the link into the address bar of your web browser. http://www.citibank.com:ac-k2bu9j566TttjnT...5komnL2nwhaQjkl --------------------------------------------- Thank you for using Citibank! --------------------------------------------- This automatic email sent to: [deleted from this Organissimo post - RT] Do not reply to this email. R_CODE: uGqAMk4hFrbJDEgiJBT7 Click Here: Link provided in the e-mail Look how god-damn REAL everything looks (which isn't the part that has me puzzled), but what does have me puzzled is how were they able to get the address (URL) that appears in my browser to appear like it really is a Citibank address (or what sure as heck looks like one to me)??? They also went to some serious trouble to make all the interactive stuff on the (presumably) fake Citibank page, to make it actually link up with (presumably) the REAL Citibank page, with all the links working as you would expect them to. OR WAIT!!!!!! - is the full page REALLY the REAL Citibank page all along (and totally legit!!!), BUT, that insidious little pop-up window is the trap????? - meaning the thing to get your debit card number, PIN, and expiration date. Either way, this thing smells to high heaven (not that I was temped for even a nanosecond), but I had to post this here - just to comment on how I could easily see lots of people falling for this, if they were at all the trusting sort. Quote
kumakuma Posted December 6, 2003 Report Posted December 6, 2003 This is definitely a scam. The popup is coming from a site in Russia that lets you register with any name (www.da.ru). Quote
BERIGAN Posted December 6, 2003 Report Posted December 6, 2003 Rooster, I am too chicken to click on the link(Who knows what info they can gather ! ) but hovering over the link I noticed it looks close to what you would expect www.citibank.com:ac-k2bu9j566TttjnT...5komnL2nwhaQjkl but it is www.citibank.com: with the colon at the end , then a bunch of letters , then the @ symbol then afisagf3f.da.ru/?5komnl2nwkaqjkl ...so I would guess it is a russian web site so to speak, almost like it has passwords to get to it....I have seen many fake sites from ebay fakers and their email address (or the link itself) looks to be from ebay, but hover the mouse over the email address/link given and it changes into something else! Better forward to Citibank, if you haven't already....bastards!! Quote
BERIGAN Posted December 6, 2003 Report Posted December 6, 2003 (edited) kumakuma said: This is definitely a scam. The popup is coming from a site in Russia that lets you register with any name (www.da.ru). Well, bet me to the punch why don't ya! I was also watching the FBI starring Efrem Zimbalist Jr while doing this post... Edited December 6, 2003 by BERIGAN Quote
Claude Posted December 6, 2003 Report Posted December 6, 2003 (edited) This old trick still seems to work. For non-expert users the address looks indeed real. The Opera browser is therefore displaying a warning message whenever one clicks an address containing a username and @ in a link (see below). That should make the user aware that there is a problem with the address. Professional companies would also use the secure protocol (url starting with https:// ) for every internet transaction involving sensitive data. And of course they would never ask such a thing by email. An email is like a postcard, it can be read by every administrator on the many internet gateways it passes before arriving. Edited December 6, 2003 by Claude Quote
Jim Alfredson Posted December 6, 2003 Report Posted December 6, 2003 Claude said: The Opera browser is therefore displaying a warning message whenever one clicks an address containing a username and @ in a link (see below). That should make the user aware that there is a problem with the address. Now that's pretty cool! Quote
Jazzmoose Posted December 6, 2003 Report Posted December 6, 2003 Claude said: Professional companies would also use the secure protocol (url starting with https:// ) for every internet transaction involving sensitive data. Damn good point! I forget that one sometimes. Quote
_forumlogo.png.a607ef20a6e0c299ab2aa6443aa1f32e.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.