Last week my life was literally ruined when I received an email from what I thought was citi fraud protection. The very official looking email looked like the real thing to me and upon getting I rushed to unlock my account. Fortunately I documented everything and hopefully others can learn from my $7,681.93 mistake.
Here is the email I received:
Unlocking my account:
My credit card statement:
My poor compromised credit card:
Apparently the practice is referred to as “phishing” and involves people faking their return address in a way that can fool even the most practiced web experts.
How to avoid this insidious trap…
A number of fraudulent email messages that claim to be from Citi Cards, Citibank, or Citigroup have been forwarded to us by our cardmembers. These schemes change frequently and often have links or attachments with links. Users who click on the links are taken to look-alike or “spoofed” sites where they are asked to enter personal data.
Examples of Phishing Emails:
Check Emails for Security
The best way to verify a Citi email is to look for the Email Security Zone header at the top of the email. Every Citi Cards email includes your first name, last name, and the last 4 digits of your card number.
Please note that Citi will never ask you for your PIN number, and will never include your full account number in an email–only the last four digits. If you receive an email claiming to be from Citi that includes your full account number, do not respond to it. Instead, forward it to email@example.com.
Report Email Fraud
If you suspect that an email appearing to be from Citi is fraudulent, forward it immediately to firstname.lastname@example.org. An Internet Security Specialist will investigate. If you have replied to an email with personal information, and now think the email was fraudulent, call us at the toll-free number on the back of your card. Citi will issue a replacement.
The Best Buy in Florida took this picture of "not" me purchasing $2,759.52 for a new plasma TV and Blu-Ray DVD player. Hope you are enjoying all of your new things Jerome (if that is even your real name.)
Jesus forgives you “Jerome”.
No not that one, Jesús Avular the very curteous and professional man from Citi who helped me when I called.
8 Responses to “Citi credit card fraud spam costs me $7,681.93”