This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

E-emeail fmor Citi-Banck

Discussion in 'The Front Room' started by old.Osy, Jan 13, 2004.

  1. old.Osy

    old.Osy No longer scrounging, still a bastard.

    X-Apparently-To: removed@yahoo.com via 216.136.130.96; Mon, 12 Jan 2004 13:08:01 -0800
    Return-Path: <thu@citibank.com>
    Received: from 62.219.131.78 (HELO bzq-131-78.red.bezeqint.net) (62.219.131.78) by mta457.mail.yahoo.com with SMTP; Mon, 12 Jan 2004 13:08:00 -0800
    Received: from citibank.com (mail2.citigroup.com [192.193.226.98]) by bzq-131-78.red.bezeqint.net (Postfix) with ESMTP id D95346F297 for <removed@yahoo.com>; Mon, 12 Jan 2004 16:05:35 -0500
    Reply-to: CITIBANK <tamal@citicard.com>
    Message-ID: <011101c3d94f$1ce38675$ebd9a508@citibank.com>
    From: "CITIBANK" <thu@citibank.com> Add to Address Book
    To: "removed" <removed@yahoo.com>
    Subject: CITI-ONLINE E-mail Veerification - removed@yahoo.com
    Date: Mon, 12 Jan 2004 16:05:35 -0500
    MIME-Version: 1.0
    Content-Type: text/html
    Content-Transfer-Encoding: quoted-printable
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.2720.3000
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000
    X-Virus-Scanned: by Ameriserv.net Anti-Virus E-Gateway
    Content-Length: 678




    Dear Citi-Bank User,

    This e-mail was sentt by the Citi-Card serevr to veerify your e-mail
    address. You must cmopelte this pcsroes by clicking on the link
    below and enttering in the smal window your Citi ATM
    card number and PiN that you use on local Atm.
    This is donne for your pecotrtion -4- becaurse some of our membres no
    lgeonr have accses to their email adesdsers and we must verify it.

    To veerify your e-mail adress and akcess your Citi-Card account, klick on
    the link below. If nothing hapepns when you klick on the link -m copy
    and passte the link into the addres bar of your window.



    http://www.citibank.com/?tieWvJTrAWOffjT2XvJGWdbTaKQK5CXzWbvqWeUxaJMo4Hr1cc

    ---------------------------------------------
    Thank you for using Online-Citibank!
    ---------------------------------------------

    This autotmaic email sent to: removed@yahoo.com
    Do not rpely to this email.

    T9pUQBGIlKljjtvOJr3E

    -----------

    Found this extremely amusing :) *Cooks up a witty reply*
     
  2. Cyradix

    Cyradix FH is my second home

    :eek7:

    The english is really that bad in the email? :D
     
  3. old.Osy

    old.Osy No longer scrounging, still a bastard.

    The e-mail is genuine, aswell as the message source :) Had me gigglin' for a good 20 minutes here :D

    edit: Anyway, the english is not the main point. This is a scam-mail, used by various people to obtain sensitive info. The least they could do is type in proper english :)
     
  4. Job

    Job Resident Fuckwit FH Subscriber

    Got that one last night, very good clone of the proper signing in page,they have just replaced username/password with cardno/pin code.
    Might well catch out a few people.

    How they got to use Citbanks url I don't know, must be some sort of alias on top of a hidden one.
    Surely they can be traced with ease.
     
  5. Cyfr

    Cyfr Banned

    Some haxed IE thing I think.
     
  6. Archeon

    Archeon Fledgling Freddie

    You'd think if they could spend all that time making a clone website they could atleast spare 5mins to run the email through the ol' spell checker :rolleyes:
     
  7. Chilly

    Chilly Balls of steel

    Russians, i ask you?
     
  8. Job

    Job Resident Fuckwit FH Subscriber

    IT's a hole in IE, that allows them to copy the url, IE can't display some chars on the address box, so they put these into their web address which contains citibank.com in the middle of it and IE nicely displays just 'citibank.com', Microshite have known about it for a month and have yet to produce a fix.
    Loads of big sites have been targetted this way, one Microshite spokesman actually suggested people never follow links on the net, but always type the url in themselves...no shit!
     
  9. the_hermit

    the_hermit Fledgling Freddie

    Halifax Building Society were hacked a month or two back... All their online banking stuff was off, and people kept getting mails from "them" telling you to enter your back details, card number, pin. Same as Lloyds I believe - and they looked like the real deal - AND the English had been spellchecked.

    Deffo caught a lot of people out too I believe... Of course, I was impressed with the Lloyds one - I don't use them, never have. Oh, and the Halifax one was sent to the wrong account. And even then, I don't do bank stuff via email... hehehe
     

Share This Page