March 8, 2012Dancho Danchev By Dancho Danchev

Spamvertised ‘Temporary Limit Access To Your Account’ emails lead to Citi phishing emails

Cybercriminals are currently spamvertising a fraudulent email campaign impersonating Citi, using ‘Temporary Limit Access To Your Account‘ themed emails as a social engineering attempt to trick end users into clicking on the link found in the phishing emails.

More details:

Subject: Temporary Limit Access To Your Account

Spamvertised message: Dear Client,CitiBank Temporary Limit Access To Your Account.Reason: 1.Unauthorized login attempts.2.Billing failure.We require you to complete an account update so we can unlock your account.To start the Unlock process click on: hxxp:// you have completed this process, we will send you an email notifyingthat your account is available again. After that you can access your accountonline at any time.NB:Failure to provide required information will lead to account suspension automaticallyfrom Our online database.Sincerely,Citibank Customer Services.

Spamvertised URL: hxxp://

Upon clicking on the link, users are exposed to a fraudulent Citibank themed web site, requesting their accounting data:

For the time being, only Google Safebrowsing’s initiative has flagged the web site as a phishing one.

Webroot SecureAnywhere customers are protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button

5 Responses to Spamvertised ‘Temporary Limit Access To Your Account’ emails lead to Citi phishing emails

  1. If you are told you have a problem with your Bank account in an email, don’t follow the email, instead call your bank immediately to find out from a real person what the problem is.

    • Something similar was being sent recently to Bank of America customers as well. Be careful what you click!

    • The first thing to do is check your bank account and make sure there hasn’t been any unauthorized transactions. Second you should notify the bank that you responded to a phishing email that came from someone impersonating them and ask them to put a security alert on your account. Finally, you need to change the password used on the account to something not used on any other online account you have and nothing you’ve ever used before on your bank account. You’ll also want to do a scan for malware in case any may lay dormant on your machine. If you don’t already have Webroot you can get a free trial here. Hope this helps!

Leave a Reply

Your email address will not be published. Required fields are marked *