I just got this email... I suppose I ought to follow its instructions.
- Thread starter Wingznut
- Start date
https://web.da-us.citibank.com/signin/scripts/login2/user_setup.jsp
I asked this before too, I don't see where the trick is. citibank.com is a valid website, and web.da-us. is it's subdomain. I don't get it.
I asked this before too, I don't see where the trick is. citibank.com is a valid website, and web.da-us. is it's subdomain. I don't get it.
Fill out the form with realistic-looking information, but preface everything with "the" as was done in the e-mail.
Firstname: The Wingznut
Lastname: The Pez
SSN: THE-99-1234
Firstname: The Wingznut
Lastname: The Pez
SSN: THE-99-1234
TommyVercetti, the when you move the mouse over the link, it may show an authentic URL, but the page that it brings up is a fake
Seriously. If it's fake how did it get on citibank's website? Of course it does look pretty damn fake.
I should've mentioned that the entire body of the email is a hyperlinked image... So, I highly doubt it actually goes to the URL shown.
How do I see where it truly routes without actually following it?
cronos
Diamond Member
- Nov 7, 2001
- 9,380
- 26
- 101
you're not serious are you?
heck, whatever.
in the actual e-mail, the link shown is not really a link, it's a graphic carefully designed to fool people into believing that they actually are going to that link. if you right click on the message and choose 'copy link', it will show you the real address that your click is going to.
When I right click and "View Source", I see:
<html><p><font face="Arial"><A HREF="https://web.da-us.citibank.com/signin/scripts/Iogin2/user_setup.jsp"><map name="FPMap0"><area coords="0, 0, 610, 275" shape="rect" href="http://%31%39%38%2E%37%38%2E%31%33%35%2E%38%32:%34%39%30%33/%63%69%74/%69%6E%64%65%78%2E%68%74%6D"></map><img SRC="cidart1.00030109.00060209@user-support04@citibank.com" border="0" usemap="#FPMap0"></A></a></font></p><p><font color="#FFFFFF">Barbie Internet Tattoos in 1815 U.S. Postal Service </font></p></html>
http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=%22web%2Eda%22
Click on that Google search of "Web.da" It points to this fraudulent website. The link shown in my browser is https://web.da-us.citibank.com/
The form in there submits information to "https://web.da-us.citibank.com/signin/citifi/scripts/login2/cbol_login.jsp". I looked at the page source.
Click on that Google search of "Web.da" It points to this fraudulent website. The link shown in my browser is https://web.da-us.citibank.com/
The form in there submits information to "https://web.da-us.citibank.com/signin/citifi/scripts/login2/cbol_login.jsp". I looked at the page source.
Originally posted by: Wingznut
When I right click and "View Source", I see:<html><p><font face="Arial"><A HREF="https://web.da-us.citibank.com/signin/scripts/Iogin2/user_setup.jsp"><map name="FPMap0"><area coords="0, 0, 610, 275" shape="rect" href="http://%31%39%38%2E%37%38%2E%31%33%35%2E%38%32:%34%39%30%33/%63%69%74/%69%6E%64%65%78%2E%68%74%6D"></map><img SRC="cid
Oooooooooooooh! Makes sense now.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 411
Facebook
Twitter