This is an important one, so I am letting the list know...it's tricky also.. Keep in mind, these type of emails can appear to come from any bank, E-Bay any credit card company, etc...You can not tell you are being redirected because the information is hidden in the HTML coding.. If you get an email of this nature, I suggest calling the bank rather then logging in, or use the link you have saved in your favorites..
. Citibank Customers Beware - HTML_CITIFRAUD.A (Low Risk) ------------------------------------------------------------------------ HTML_CITIFRAUD.A is a non-destructive HTML virus that exploits an Internet Explorer (IE) vulnerability enabling a malicious user to spoof a Web site to obtain Citibank ATM/Debit card and PIN numbers of target users. To steal critical information it redirects affected users to a Web site that appears to be identical to the authentic Citibank Web site. It prompts target users to enter their ATM card number and PIN. It runs on systems supporting the Internet Explorer environment, and is currently spreading in-the-wild. The malware is embedded in a spammed email that poses as an urgent notification from Citibank. The email sent by a remote malicious user to target recipients contains the following: From: Citibank To: <target recipient> Subject: Important Fraud Alert from Cibitbank Message Body: Dear Citibank Account Holder, On January 10th, 2004 Citibank had to block some accounts in our system connected with money laundering, credit card fraud, terrorism and check fraud activity. The information in regards to those accounts has been passed to our correspondent banks, local, federal and international authorities. Due to extensive database operations some accounts may have been changed. We are asking our customers to check their checking and savings accounts if they are active or if their current balance is correct. Citibank notifies all of it's customers in cases of high fraud or criminal activity and asks you to check your account's balances. If you suspect or have found any fraud activity on your account please let us know by in at the link below. <Click Here to Login> By clicking the "Click Here to Login" button, the user is connected to a malicious Web site which looks identical to the genuine Citibank Web site, and prompts the user to provide their access codes and other credentials. HTML viruses use scripts embedded in HTML files to do damage. These embedded scripts automatically execute, the moment the HTML page is viewed from a script-enabled browser. If you would like to scan your computer for HTML_CITIFRAUD.A or thousands of other worms, viruses, Trojans and malicious code, visit HouseCall, Trend Micro's free, online virus scanner at: http://housecall.trendmicro.com/ HTML_CITIFRAUD.A is detected and cleaned by Trend Micro pattern file #721 and above. For additional information about HTML_CITIFRAUD.A please visit: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=HTML_CITIFRAUD.A Jeff Dougherty Intrepid Video TV/VCR 263 S Front St Steelton PA 17113 fax...717-564-4952 www.intrepid-video.com www.tech-repair.net _________________________________________ Please include original text when replying to this email. Once you get your unit repaired, please post the fix to the group. Order your tech repair CD today, Version 3.0 only $49.00-more monitor tips-user friendly program. [EMAIL PROTECTED] www.tech-repair.net ______ Techs mailing list [EMAIL PROTECTED] http://intrepid-video.com/mailman/listinfo/techs_intrepid-video.com Go to the link above and scroll to the bottom to enter your email address
