I just love these things. Yet another phisher email out there trying to get people to login to their accounts at Citizen's Bank and "update" their details.



Dear Citizens Bank Customers!

Technical services of the Bank are carrying out a planned software upgrade.
We earnestly ask you to visit the following link to start the procedure of confirmation of customers' data.

http://www.citizensbank.com/customerservice/cust_serv_gtway.asp

When you click the link, it actually leads to the following URL:

http://12.203.152.12:38/cz/index.htm

[Warning: I have not followed the link, so I'm not sure where it leads.]

The odd thing is that the whole email message appears to be a picture file or something of the like. I was unable to copy and past the words and thus had to type it out above. The link they provide in the email appears to be legit, but it cannot be copied and pasted in the address bar. The only option is to click on it, and then be led to the embedded link.


And, what does the confirmation of customers' data have to do with a software upgrade anyway?

Its amazing, I see tons of these coming through all the time from different types of financial institutions claiming the same thing. You hit the nail on the head with calling them Phishers, most of them aren't even my instituition, so you know thats its fake. :eek:

The other one I like (which I have no examples of at the moment), are where you get an email with the subject of "Question from Ebay Member" and its some verbage about "I made my payment, can you let me know about this purchase", then the link to do a "Respond to Message" in the email actually links to a fake website that looks like eBay. Basically they take your user account information from eBay, which could lead to them being able to get other information about you .... basically identity theft.

I hope people reading this thread realize that you must be careful with with any email you get and clicking links from emails. Always verify that you are on the site that you claim to be on once you click (like WD's example above). It should be fishy (no pun intended) if you are linked to a straight IP address .. thats very odd in this day and age. :cool:

jokach

Fishy Phish stuff indeed. It always helps when I scroll over the hyperlink and then glance down to the bottom left of my browser and read where it is sending me. Sometimes they get crafty and change little things.

Who knows, maybe one day they'll find a way around that too.

I've sent an email off to the bank and I'll let you know if they shower me with praise or anything of the like. Its unlikely, but worth the shot.

My bank is Citizens Bank of greater Phila,PA. Is this phish site refering to this?
mayapple
http://mayapple.ms11.net

there is a program that some banks/online payment processors have signed up to, which makes sure that the website you are entering in your details is actually the legit version. i cant quite remember the name, but when i do ill post it here. (if anyone is a member of stormpay, they just signed up to it and sent out an email to all their customers).