New CITI Bank Phishing Scam Tricking Users

New CITI Bank Phishing Scam Tricking Users

An advanced level of CITI bank phishing attack has emerged on the web. This attack utilizes the use of OTP and TLS cert which makes it even more convincing. The scam tricks victim to easily divulge sensitive information including the password and additional OTP (One Time Pin) to the attacker’s phishing website.

The phishing mail advises the users to update their profile and mentions the final step of OTP to validate the user’s updated profile information. The malicious link is present in a PDF attached to the mail. The user needs to open the PDF click the link and login through the link provided to update their profile. The attacker cleverly by-passes the anti-virus filters provided by the email services by providing the malicious link in the PDF and hence, goes undetected.

Once the victim clicks the malicious link in the pdf, he/she is directed to the fake CITI Bank website designed by the attacker which is a replica of the American Bank Internet Banking log-in page.

The URL seems like a legitimate one and fools the victim into entering the username and password information. Once the user is logged in, an automated code in the background authenticates the user into the official site of CITI Bank. The attacker will likely perform a transaction that will result in an OTP. The below fake CITI bank page will remain active until the victim will receive the OTP and thereafter, asked to enter it.

Once the victim enters the OTP on the fake site, it holds the screen for validating the authentication, so that the user waits at their computer screen for its completion. The attacker after completing the authentication access the victim account to transfer money, change personal information and can even withdraw all the funds.

Phishing attacks are becoming advance and complicated day by day; therefore, it has become extremely important to pay attention to emails and URLs. Always check with the official site URL and call the customer service if there is any doubt.


Contact LIFARS For Phishing Attack Simulations On Your Organization