A fraudulent website claiming to be Citibank posed a threat to scores of consumers by trying to gain access to their bank accounts.
Cybercriminals were using a phishing site to convince consumers they were logging in to a legitimate Citibank login page, according to BleepingComputer, a resource site for answering computer, security and technical questions. The fake site was shut down immediately after it was discovered, Citibank said.
The site, which was discovered by MalwareHunterTeam, appeared to be an authentic-looking Citibank login page with a “convincing” domain name, update-citi.com, the report said.
If a consumer were to log in to the phishing site, they would be presented with various forms requesting personal information such as their full name, date of birth, address, the last four digits of their Social Security number, their debit card number, debit card expiration date and security code.
Once submitted, the private information was sent directly to the attacker’s server, which would then verify the information is authentic, the report says.
“It is believed, but not confirmed, that during this period the phishing page will attempt to login to Citibank using the credentials provided by the victim,” said the founder of BleepingComputer, Lawrence Abrams. “This is done in the background similar to this Steam phishing scam”
If the scammers were able to access a user’s Citibank account with a one-time PIN authentication, it would trigger Citibank to send the code to the victim’s cellphone number. Since the code will come from Citibank’s servers it will further authenticate the phishing site, BleepingComputer reported.