March 8, 2012 By Dancho Danchev

Spamvertised ‘Temporary Limit Access To Your Account’ emails lead to Citi phishing emails

Cybercriminals are currently spamvertising a fraudulent email campaign impersonating Citi, using ‘Temporary Limit Access To Your Account‘ themed emails as a social engineering attempt to trick end users into clicking on the link found in the phishing emails.

More details:

Subject: Temporary Limit Access To Your Account

Spamvertised message: Dear Client,CitiBank Temporary Limit Access To Your Account.Reason: 1.Unauthorized login attempts.2.Billing failure.We require you to complete an account update so we can unlock your account.To start the Unlock process click on: hxxp://irta-dositecno.com/wp-content/uploads/2011/11/.43www3-credit-35-cards-86-citi-08-com/Once you have completed this process, we will send you an email notifyingthat your account is available again. After that you can access your accountonline at any time.NB:Failure to provide required information will lead to account suspension automaticallyfrom Our online database.Sincerely,Citibank Customer Services.

Spamvertised URL: hxxp://irta-dositecno.com/wp-content/uploads/2011/11/.43www3-credit-35-cards-86-citi-08-com/

Upon clicking on the link, users are exposed to a fraudulent Citibank themed web site, requesting their accounting data:

For the time being, only Google Safebrowsing’s initiative has flagged the web site as a phishing one.

Webroot SecureAnywhere customers are protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button
true