Citibank customers targeted by wide-ranging phishing campaign

Email phishing campaign tries to steal Citibank customer credentials with fake banking notifications

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Citibank customers are now being targeted in aphishing campaignby scammers impersonating the bank online.

According toBitdefender, the cybersecurity firm’s Antispam Lab recently observed thousands of phony email messages sent to the bank’s customers with the aim of stealing their personal information and online credentials.

While these campaigns are primarily focused on the US with 81 percent of the fraudulent messages sent ending up in the inboxes of American Citibank customers, they have also reached the UK (7%), South Korea (4%) and a limited number even made it to Canada, Ireland, India and Germany based on Bitdefender’s internal telemetry.

When it comes to the origin of these phishing campaigns, 40 percent of the fake emails appear to have been sent from the US while 13 percent originated fromIP addressesin Mexico.

Instilling a sense of urgency

In order to trick Citibank customers into opening their emails, the cybercriminals behind the campaign use email subject lines that try to instill asense of urgencyincluding “Account Confirm Confirmation Required,” “Second Reminder: Your Account Is On Hold,” “Security Alert: Your Account Is On Hold,” “Urgent: Account Confirmation Required,” and “Urgent: Your Citi Account Is On Hold”.

Although some of the phishing emails used in the campaign utilize the official Citibank logo to appear more legitimate, the scammers behind it failed to put in the effort needed to spoof the sender’s email address correctly or fix any of the punctuation errors in the email body.

These companies are the most impersonated in email phishing campaigns

Just one mobile phishing attack could cost your business hundreds of millions

Americans lost over $500 million to online romance scams last year

Another tactic used to make these phishing emails to look like they’re coming from Citibank itself is citing fake transactions or payments and even suspicious login attempts to trick potential victims into verifying their accounts. However, clicking on the verify button actually takes victims to a perfectly cloned version of the official Citibanklanding pagewhere they can log in using their user ID and password. If a Citibank customer goes this far though, the cybercriminals then harvest their credentials to use in future attacks.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Responding to fake email alerts from Citibank or any other financial institution can lead to serious consequences includingidentity theftand fraud. To avoid getting duped, users should carefully examine the body of such emails for typos as well as check the sender’s email address and any embedded URLs before clicking on them.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

The 6 best electric motorcycle concepts and launches from EICMA 2024