Spamvertised ‘Temporary Limit Access To Your Account’ emails lead to Citi phishing emails

by


Cybercriminals are currently spamvertising a fraudulent email campaign impersonating Citi, using ‘Temporary Limit Access To Your Account‘ themed emails as a social engineering attempt to trick end users into clicking on the link found in the phishing emails.

More details:

Subject: Temporary Limit Access To Your Account

Spamvertised message: Dear Client,CitiBank Temporary Limit Access To Your Account.Reason: 1.Unauthorized login attempts.2.Billing failure.We require you to complete an account update so we can unlock your account.To start the Unlock process click on: hxxp://irta-dositecno.com/wp-content/uploads/2011/11/.43www3-credit-35-cards-86-citi-08-com/Once you have completed this process, we will send you an email notifyingthat your account is available again. After that you can access your accountonline at any time.NB:Failure to provide required information will lead to account suspension automaticallyfrom Our online database.Sincerely,Citibank Customer Services.

Spamvertised URL: hxxp://irta-dositecno.com/wp-content/uploads/2011/11/.43www3-credit-35-cards-86-citi-08-com/

Upon clicking on the link, users are exposed to a fraudulent Citibank themed web site, requesting their accounting data:

For the time being, only Google Safebrowsing’s initiative has flagged the web site as a phishing one.

Webroot SecureAnywhere customers are protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.