Don't click a link from Citibank email asking you to review your account info. It's a scam. The link takes you to Citibank alright but the popup where you enter your personal data is not their website. This same scam was out a few months ago and looks like it's back.

Yea,I've been getting those too!! :(

Most scams like this ask you to provide info that normally wouldn't be sent via email or a non ssl site. I think most novice users will know it is bs when they get an email and a site link like that.

Yeah, But the elderly fall for it on a regular basis.

T

The *beauty* of the scam is it takes you to the real CitiBank website but the popup box that gets your info is (at least was) going to a Russian server account.

If your e-mail pops up a small window showing the REAL address of the link, look for the @ sign between addresses such as http://www.citibank.com/@someplace_else.com.

These things are even more sinister than you realize. I didn't get the Citibank one yet, but I have been getting the US Bank one, and I took a look at the HTML code they are using. It appears to me that you don't even need to click on their link. The code indicates that they are simply using the "mouse hover" security hole in IE. If you just allow your curser to pass over the link on the message, you get sent away.

Here's the code:

........://usbankcorp.biz/u1/index.php" (onMouseMove)="window.status='http://www.usbank.com./internetBanking./RequestRouter?requestCmdId=DisplayLoginPage';retur n true;" (onMouseout)="window.status=''">https://www.usbank.com/internetBanking/RequestRouter?requestCmdId=DisplayLoginPage</a>

If we have a HTML expert here, they can tell me if I'm reading this right. I added the parenthesis around the two mouse commands to invalidate them.

Originally posted by Gary S:
These things are even more sinister than you realize. I didn't get the Citibank one yet, but I have been getting the US Bank one, and I took a look at the HTML code they are using. It appears to me that you don't even need to click on their link. The code indicates that they are simply using the "mouse hover" security hole in IE. If you just allow your curser to pass over the link on the message, you get sent away.

Here's the code:

........://usbankcorp.biz/u1/index.php" (onMouseMove)="window.status='http://www.usbank.com./internetBanking./RequestRouter?requestCmdId=DisplayLoginPage';retur n true;" (onMouseout)="window.status=''">https://www.usbank.com/internetBanking/RequestRouter?requestCmdId=DisplayLoginPage</a>

If we have a HTML expert here, they can tell me if I'm reading this right. I added the parenthesis around the two mouse commands to invalidate them. Looks like you're reading it right. This is NASTY graemlins/sad.gif . These dang phisher lameheads got worse all the time graemlins/sad.gif .