Citibank e-mail looks phishy

Peter Gutmann pgut001 at
Mon Nov 13 01:39:44 EST 2006

"Cid Carlos" <Carlos.Cid at> writes:

>Citibank e-mail looks phishy

I think "Citibank aims at foot and lets loose with both barrels, then reloads
and shoots a second time" would be a better title.  This is a really scary
example of what Perry once referred to as banks actively training users to
become future victims of phishing attacks.  What's even worse is that Citibank
uses such a profusion of marketing-driven vaguely bank-related domain names
(e.g., although this now seems to have been shut down) that
the email could just as easily have directed users to <random bank-sounding
name>.com without raising too much suspicion.  Any half-awake phisher will
immediately send out an identical email sending people to some other vaguely
correct-looking URL and asking for the same information.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list