Citibank customers targeted by wide-ranging phishing campaign

Person typing
(Image credit: Shutterstock)

Citibank customers are now being targeted in a phishing campaign by scammers impersonating the bank online.

According to Bitdefender, the cybersecurity firm's Antispam Lab recently observed thousands of phony email messages sent to the bank's customers with the aim of stealing their personal information and online credentials.

While these campaigns are primarily focused on the US with 81 percent of the fraudulent messages sent ending up in the inboxes of American Citibank customers, they have also reached the UK (7%), South Korea (4%) and a limited number even made it to Canada, Ireland, India and Germany based on Bitdefender's internal telemetry.

When it comes to the origin of these phishing campaigns, 40 percent of the fake emails appear to have been sent from the US while 13 percent originated from IP addresses in Mexico.

Instilling a sense of urgency

In order to trick Citibank customers into opening their emails, the cybercriminals behind the campaign use email subject lines that try to instill a sense of urgency including “Account Confirm Confirmation Required,” “Second Reminder: Your Account Is On Hold,” “Security Alert: Your Account Is On Hold,” “Urgent: Account Confirmation Required,” and “Urgent: Your Citi Account Is On Hold”.

Although some of the phishing emails used in the campaign utilize the official Citibank logo to appear more legitimate, the scammers behind it failed to put in the effort needed to spoof the sender's email address correctly or fix any of the punctuation errors in the email body.

Another tactic used to make these phishing emails to look like they're coming from Citibank itself is citing fake transactions or payments and even suspicious login attempts to trick potential victims into verifying their accounts. However, clicking on the verify button actually takes victims to a perfectly cloned version of the official Citibank landing page where they can log in using their user ID and password. If a Citibank customer goes this far though, the cybercriminals then harvest their credentials to use in future attacks.

Responding to fake email alerts from Citibank or any other financial institution can lead to serious consequences including identity theft and fraud. To avoid getting duped, users should carefully examine the body of such emails for typos as well as check the sender's email address and any embedded URLs before clicking on them.

TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Smartphone with new logo X twitter app background. Application twitter old blue bird change X black and white new.
Phishing campaign targets prominent X users, accounts at risk
Paper craft illustration of a suspicious email that contains a snake
How to spot a phishing email
Representational image of a hacker
Email scams vs Phishing - is there a difference?
Someone checking their credit card details online.
Hackers use CAPTCHA scam in PDF files on Webflow CDN to get past security systems
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
Fraude en ligne phishing
What is phishing and how dangerous is it?
Latest in Security
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Scam alert
Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Representational image of a cybercriminal
Allstate sued for exposing personal customer information in plaintext
Latest in News
Vision Pro Metallica
Apple Vision Pro goes off to never never land with Metallica concert footage
Mufasa is joined by another lion, a monkey and a bird in this promotional image
Mufasa: The Lion King prowls onto Disney+ as it finally gets a streaming release date
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Nvidia RTX 5060 GPU spotted in Acer gaming PC, suggesting rumors of imminent launch are correct – and that it’ll run with only 8GB of video RAM
Indiana Jones talking to a friend in a university setting with a jaunty smile on his face
New leak claims Indiana Jones and the Great Circle PS5 release will come in April
A close up of the limited edition vinyl turntable wrist watch from AndoAndoAndo
This limited-edition timepiece turns the iconic Technics SL-1200 turntable into a watch, and I want one