By Dancho Danchev
Cybercriminals are currently spamvertising a fraudulent email campaign impersonating Citi, using ‘Temporary Limit Access To Your Account‘ themed emails as a social engineering attempt to trick end users into clicking on the link found in the phishing emails.
Subject: Temporary Limit Access To Your Account
Spamvertised message: Dear Client,CitiBank Temporary Limit Access To Your Account.Reason: 1.Unauthorized login attempts.2.Billing failure.We require you to complete an account update so we can unlock your account.To start the Unlock process click on: hxxp://irta-dositecno.com/wp-content/uploads/2011/11/.43www3-credit-35-cards-86-citi-08-com/Once you have completed this process, we will send you an email notifyingthat your account is available again. After that you can access your accountonline at any time.NB:Failure to provide required information will lead to account suspension automaticallyfrom Our online database.Sincerely,Citibank Customer Services.
Spamvertised URL: hxxp://irta-dositecno.com/wp-content/uploads/2011/11/.43www3-credit-35-cards-86-citi-08-com/
Upon clicking on the link, users are exposed to a fraudulent Citibank themed web site, requesting their accounting data:
For the time being, only Google Safebrowsing’s initiative has flagged the web site as a phishing one.
Webroot SecureAnywhere customers are protected from this threat.