|
?:reviewBody
|
-
Claim: Citibank is sending out checking account suspension notices and asking customers to verify their acceptance of new terms and conditions.Status: False.Example: [Collected on the Internet, 2003]Your Checking Account at CitibankWe are letting you know, that you, as a Citibank checking account holder, must become acquainted with our new Terms & Conditions and agree to it.Please, carefully read all the parts of our new Terms & Conditions and post your consent. Otherwise, we will have to suspend your Citibank checking account.This measure is to prevent misunderstanding between us and our valued customers.We are sorry for any inconvinience it may cause.Click here to access our Terms & Conditions page and not allow your Citibank checking account suspension.Origins: Yet again a redirection scam has hit the Internet in the guise of messages appearing to come from a well-known financial entity; in this case the wolf is disguised in the clothing of Citibank.Just like scams perpetrated earlier this year using PayPal and various Internet service providers as camouflage, this one involves messages which appear to be coming from Citibank itself. In this case the fraudulent message falsely announces that Citibank has changed the Terms & Conditions of its checking accounts and informs the recipient that he must follow a hyperlink to indicate his acceptance of these new conditions or his account will be suspended. In a classic case of redirection scamming, however, the page the user is taken to after clicking the link does not reside on the real Citibank site; it's a phony page camouflaged to look like a real Citibank page and hosted on the web site of Nanhua Futures Trading Co. of Zhejiang, China. (Since the redirection URL is an IP address rather than a domain name, the ruse isn't obvious.) The faux Citibank page records the visitor's e-mail address and asks him to enter the first four digits of hisCitibank® Banking Card number and his full name, then hides the ruse by bouncing him back to the real Citibank's terms and conditions page.According to the warning Citibank has posted on their web site:Citibank is working with law enforcement to aggressively investigate a fraudulent email that has recently been sent as spam to numerous email addresses. Although the email appears to come from Citibank regarding Your Checking Account at Citibank, it does not, and Citibank is in no way involved in the distribution of this email. The email tells recipients that their Citibank Checking Account will be suspended unless they accept new Terms and Conditions and directs them to a site that appears to be Citibank's. The fradulent site requests the customers' name and the first 4 digits of their ATM card number. Citibank urges recipients of this email to delete it immediately. Citibank does not ask customers to provide sensitive information in this way. Customers who receive suspicious email purporting to be from Citibank are encouraged to report it to customer service at the number listed on their ATM card. Citibank's systems have not been compromised in any way.In August 2003 the scammers tried again, this time sending out phony You've received money transfer Citibank notices which require the user to enter personal information in order to prove you are our customer:Dear CustomerC2it.com service would like to inform you, that you received money transfer from Andreas (andreas666@earthlink.net). Amount is $217. In order to receive that amount from c2it.com you have to register your ATM card to prove you are our customer.Your e-mail is not registred with us, you need to setup account with us and verify your identity. Please fill this form to be enrolled to c2it.com service.Once you register, the money will appear in your c2it's account balance in your overview page. You can withraw the outstanding balance to your credit or debt card's bank account.There's a world ofreasons to use c2it service.• Send money from your computer to over 100 countries for a low flat fee.• Transfer money to a bank account overseas or send a check to family back home.It's easy. It's secure.It's from Citibank.• c2it service is convenient. And it's secure -- because c2it is backed by Citibank.• We've improved our foreign exchange rates, so now is a great time to send money overseas.Information About Yourself Email AddressPasswordCard Holder Full NameCard NumberCard ExpirationMonth 01 02 03 04 05 06 07 08 09 10 11 12 / Year 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012CVV2(3 or 4 Digit Code After Card # on Back of Card)ATM PIN(For Bank Verification)© 2003 Citibank, FSB. Member FDIC.Once again, the information entered by gullible recipients is going not to Citibank, but to a site registered to Hangzhou Silk Road Information Technologies Co., Ltd in Beijing, China. Scams that trick the gullible into revealing private information by having them confirm details presumably already in the possession of the one doing the asking fall under the broad heading of social engineering, a fancy term for getting people to part with key pieces of information simply by talking to them. The wary consumer's best defense to such maneuvers is a zipped lip (or, in the online world, an untapped keyboard). Protect yourself by volunteering nothing, even if you feel somewhat pressured by the one doing the inquiring. If someone on the telephone asks you to read off your checking account number for verification, ask him instead to recite it to you from his records. If you get an e-mail announcing something dire has befallen one of your on-line accounts and requiring you to re-enter sensitive personal data to get things back on track, do not reply to it, and do not fill out any forms that accompany it or click through any hot links it provides. Instead, contact that service through its web site and ask them about the e-mail. The con artists are getting more sophisticated all the time, so do not be too quick to mistake the appearance of legitimacy or authority with legitimacy itself. Just because an e-mail looks like it comes from an entity you do business with doesn't mean it's genuine, and just because you're being directed to a web page that looks like that entity's home page doesn't mean you're not being sent somewhere else. Beware the wolf in sheep's clothing lest you end up his dinner.Additional information: 'Phishers' Use Citi Logo to Try to Steal Personal Info (Associated Press)
(en)
|
![[This page as RDF]](http://data.gesis.org/claimskg/static/rdf-icon.gif){kind=icon}