"Emails purporting to be from the Citigroup Security Management Staff, which seek to gather confidential login information from you. These emails are part of a fraudulent attempt to get access to individual bank accounts.
Ironically, the note?which contains the CitiBusiness logo?indicates that it seeks this information from you as part of a security upgrade designed to protect you from fraud.
Never ever ever ever ever ever ever ever ever ever respond to any email that asks you to log in to anything. NEVER.
If you have an online account somewhere always navigate there in your own browser with your own links stored on your own machine. And forward that email to the security team at wherever it refers to .com
Whew Sorry for ranting all, those crims make me sick and I hate to see them scamming nice folks.
What we need to do is inform the public of these scams and tell them what emails to respond to and which not to. Obviosly, some study has indicated that people fall for them, or they wouldnt still be doing it.
I have a very keen sense of what to click adn what not to click. If you actually won a contest from a real company, I dont think they would contact you by email these days.
These are good sites for checking out something that seems too good to be true.
The popular scams, phishes, etc., will say your account at (fill in the blank) has a problem, a survey can get you (fill in the blank), etc. You get the idea.
Rule one: keep anti-virus and anti-spyware up to date and run often. You cannot be too careful.
Rule two: never click on a link or download a file, even if you know the person. Contact the sender and confirm they sent you a file. If a company sends you an email, go directly to their site and initiate the check yourself from their site.
Rule three: be careful where you and the kids surf. Even “nice” sites like neo-pets contain spyware.
There are some great Anti-virus and Anti-spyware programs out there, and many are free. However, they are not the be-all/end-all. Each one tackles things a little differently so it’s okay to have three anti-spyware programs.
Anthony,
Actually companies do contact by email especially if there’s more than one winner, and especially if the company is leans to the IT and the contest was primarily on-line, ie surveys from Home-Depot, etc.
These surveys, of course, are totally different than the ones that just pop up from no where. Legit surveys are printed on your register or product label, etc., and often linked on their company homepage.
Ebay will accept phishing reports via email at spoof@ebay.com
Forward the original mail with full headers. Most email apps suppress most of the header info since users normally don’t care about anything other than where it came from (usually wrong for these things) and the subject line.
The good info that helps locate (sometimes) the sender is hidden unless you show full headers. Different email apps use different commands for showing the full headers so poke around a bit or post which email app you’re using and somebody with access to that app can give the exact command/menu/etc.
I’ve sent lots of phishing reports to ebay and paypal. They’re usually pretty quick about verifying if it’s a scam and they have an auto reply setup with detailed info on generally avoiding the problem.