Latest E-Mail Bank Scam Targets Citibank

Fraudulent e-mail attempts to lure customers into divulging account usernames, passwords and credit card numbers.

Yet another bank-related e-mail scam is beginning to show up in Internet users mailboxes this week, this one targeting users of a money-transfer service owned by Citibank FSB.

The fraudulent e-mail attempts to lure customers of the c2it service into divulging their account usernames and passwords, as well as the credit card numbers associated with their accounts. The message appears to be from c2it Customer Service, but is in fact sent from a Hotmail account. It is an HTML message that contains a form that also asks for each users Social Security number, birth date and mothers maiden name.

The message is unlike many of the other bank scams currently circulating on the Internet in that it looks quite authentic, right down to the actual c2it logo. There are none of the misspellings, careless grammar or other mistakes that typically give away other such scams. One of the few clues that the message is not authentic is the Hotmail return address in the message header.

Also, if a user clicks the button in the message to submit their information, the link takes the user to a site owned by the Harvard-Smithsonian Center for Astrophysics.

C2it is a Web-based service that enables users to send money to individuals or bank accounts around the world. The e-mail arrives with a subject line reading, "Your account is on hold." The body of the message reads, in part:

"c2it is currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and placed on Hold status. Protecting the security of your c2it account is our primary concern, and we apologize for any inconvenience this may cause.

To restore your account to its regular status, you must confirm your email address by logging in to your c2it account using the form."