FRAUD ALERT: Ignore mail from Citi Identify Theft Solutions

[flagger]

I received an official looking email from the above to one of my email addresses. It tells you in part:

 

"Recently there have been a large number of identity theft attempts targeting Citibank customers. In order to safeguard your account, we require that you update your Citibank ATM/Debit card PIN. This update is requested of you as a precautionary measure against fraud. Please note that we have no particular indications that your details have been compromised in any way. This process is mandatory, and if not completed within the nearest time your account may be subject to temporary suspension."

 

I assume it takes you to an official looking Citibank website to provide account and pin details. DO not fall for this nonsense. A look at the headers on the message reveals the real sender. You can look at this anytime in OE at anytime by right-clicking on the message, click details and then click message source. I have bolded the account from where this really came. This message is an absolute fraud, do not fall for it.

 

Return-Path: <support@citibank.com>

X-Original-To: flagger@XXXXXXXXXXXX.net

Delivered-To: flagger@XXXXXXXXXXXXXXXXXXr.net

Received: from localhost (localhost.localdomain [127.0.0.1])

by mail.XXXXXXXXXXXXXXXXX.net (Postfix) with ESMTP id

for <flagger@XXXXXXXXXXXXXXXx.net>; Thu, 1 Jul 2004 17:53:36 -0400 (EDT)

Received: from mail.XXXXXXXXXXXXXXX.net ([127.0.0.1])

by localhost (coral.XXXXXXXXXXXXXXXX.com [127.0.0.1])

with ESMTP id 07769-06 for <flagger@XXXXXXXXXXXXXX.net>;

Thu, 1 Jul 2004 17:53:36 -0400 (EDT)

Message-ID: <TKECOFTQMPHZKREBBZKZ@hotmail.com>

From: "Citi Identity Theft Solutions" <support@citibank.com>

Reply-To: "Citi Identity Theft Solutions" <support@citibank.com>

To: flagger@XXXXXXXXXXXXX.net

Subject: Important Fraud Info From Citibank

Date: Fri, 02 Jul 2004 05:48:09 -0500

[hdawson]

I've had a rash of those. One from"Best Buy" for confirmation of "my order".

Evidently this was sent to hundreds or even thousands. Confirmed by Best Buy that it was a fraud attempt. Also many from ebay and paypal.

[toni1266]

Thanks Flagger, I'll keep my eye out for them... :)

[MattInFLL]

This is called "phishing" and has become a huge problem... I've had these fake e-mails from AOL, ebay, USBank, and Citibank. Please don't ever respond to these kinds of e-mails! These types of companies will send you a letter if there's a problem they need to speak to you about. Or, when you log into your account at their own website, they might give you a notice. But they never send e-mail.

 

I have been a victim of credit card fraud/identity theft twice, and I was able to stop it before it became a problem because I have ID theft protection... everyone should get this. Whenever anything happens related to my credit file, I get a letter telling me of the new activity. Well worth the subscription!

[slavearlen]

I love it when these boards produce good information! Thanks for the heads up. I, too, have received some of these e-mails and thought they were odd since I was always told they would not do that. Fortunately, I never responded and simply deleted them.

 

Appreciate all this info!

[hdawson]

I had one incidence of credit card fraud online. Not sure how but since I check my bank acct and credit cards often online I caught it with only about $900 charged. It took 30 minutes to straighten it all out. The online vendor and my bank could not have been nicer or more accomodating to me. Had a new credit card in 5 days and the charges (they were for web gift certificates) were credited back to my CC within an hour.

[tbelian]

I don't want to sound inflammatory, but, WHY would anyone fall for this?

 

I guess there are poeople that do (fall for it), but, you have to be pretty dense to not know (in THIS day and age) that this stuff is bogus.

 

Sorry. I know it was a precautionary statement, But, this is the year 2004, WAKE UP everybody.

[excitedofharpenden]

tbelian

 

Sadly they do fall for it, in large numbers (I work for a bank in the UK). Once this way of extorting money has been publicised enough, they will move onto something else. I have recently had a fraud on my credit card where they managed to cash in excess of £8000 in just over two weeks, by 'phoning customer services and changing my address, 'phone number and card limit, so they could get away with more with the additional card they had just ordered. The fraud department have a record of 'phoning me to check all was well. "I" said yes. They rang me on the new number!:rolleyes:

 

I intend asking my credit card company what personal information was given to support these changes and have instigated a code word system, whereby no details can be obtained or changed without a quote of this word.

 

Phil

[rockgarden]

Had this kind of message many times, especially from E-Bay and PayPal. Any e-mail or whatever asking for my social security number, my bank number plus my ATM password and my driver's license is obviously fraudulent. Worried me the first time because the e-mail inferred that someone had logged into my accounts. So, the word is - beware.

[elycelynne]

I had once received one of those e-mails at around the same time that the real Citibank send another one informing its customers that this was going on and that we should forward them the details of these fraudulent transmissions. Trouble is, nobody from Citibank responded to my e-mail that reported the initial suspicious e-mail.

[richkinkade]

The reason that people fall for it is that it sounds plausible and the email has a link to a fake CitiBank website, complete with Citibank logos that looks completely legitimate.

[smudge's mom]

The one I got had numerous misspellings, bad syntax, bad grammar, bad everything. Seems they have at least perfected their scam email.

[2tsquared]

This is an excerpt from a memo we sent to all our employees this past week. It includes a link to the FTC which provides information on these scams and where to report this type of fraud.

 

 

"... getting an increasing number of Spam messages that are using a tactic called Phishing. These emails are designed to get your Social Security number, Credit Card numbers, PIN numbers, Mother's Maiden name or any other private information. Typically these email look very official and look like they were sent by your bank or any other financial organization you may belong to. Usually the email states you need to update your account information by entering any of the private information I mentioned earlier. Please use common sense and realize, no legitimate company is going to contact you by email to verify this type of information.

 

FTC link:

http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm

 

2tsquared

[Shirley and Les]

My DW had her identity stolen once. They even got one of her credit card numbers. Within a week, we had a letter from the thief enclosing a $100 bill and asking us to forget the episode. Apparently, she had overrun the limit so much that all vendors were asking for $500 "good faith" money before accepting the card number from the thief.

Normally, when she goes shopping, she has to carry a pair of oven mitts to handle the credit card. The card actually starts smoldering from the number of transactions in a normal shopping day.

Les

:rolleyes: :rolleyes: :rolleyes:

[LMKohler]

I also received a similar email from "Citibank" which I thought was odd. I deleted it and sent Citibank the information and I, too, never received a reply from them.