[LUAU] How Does this Work?
R. Scott Belford
scott at belford.net
Thu Apr 29 15:02:41 PDT 2004
I recently received, correct that, SpamAssassin filtered the following
email. Researching it led me to these two links, among many
http://www.inertramblings.com/archives/000454.html
http://www.millersmiles.co.uk/identitytheft/011104-citibank-email-scam.php
and I recall hearing of an unpatched IE bug that could lead to a false
url being displayed. However, using mozilla on osx I was taken to the
"citibank.com" domain, and it was deceiving. I just don't bank with
them. Can anyone explain what is happening on a more technical level
than what I have found so far?
--scott
The fake email is below:
Dear Valued Customer,
- Our new security system will help you to avoid
frequently fraud transactions and to keep your
investments in safety.
- Due to technical update we recommend you to
reactivate your account.
Click on the link below to login and begin using
your updated Citibank account.
To log into your account, please visit the online banking
http://web.da-us.citibank.com&BVP=/cgi-bin/citifi/scripts/&M=S&US&_u=visitor
If you have questions about your online statement,
please send us a Bank Mail or call us at 1-800-374-9700
We appreciate your business. It's truly our
pleasure to serve you.
Citibank Customer Care
This email is for notification only. To contact us,
please log into your account and send a Bank Mail.
More information about the LUAU
mailing list