Phishing is a kind of credit and debit card fraud. By pretending to email from a bank or similar site, scammers "fish" for account numbers, passwords, social insurance numbers (SIN), etc. They trick consumers into divulging sensitive information so that unlawful charges can be made on the consumers' accounts. "SMishing", named for SMS (Short Message Service) the technology used for cell phone text messages, is a similar kind of fraud. It uses text messages to deliver the "bait" to get clients to divulge personal financial information.
A number of fraudulent email and text messages that claim to be from Citi™ Cards, Citibank®, or Citigroup have been forwarded to us by our customers. These schemes change frequently and often have links or attachments with links. Users who click on the links are taken to look-alike or "spoofed" sites where they are asked to enter personal data. Text message verbiage varies, but may direct users to a website or phone number, and usually contains something that claims to require immediate attention.
Examples of Phishing Emails
Sample Email
Below is a fraudulent email that was sent to a customer. Although it looks like it's from Citibank, it is not. To visit us, always enter www.citicards.ca.
Sample Email
Below is a fraudulent email that was sent to a customer. Although it looks like it's from Citibank, it is not. To visit us, always enter www.citicards.ca.
Sample Email
Below is a fraudulent email that was sent to a customer. Although it looks like it's from Citibank, it is not. To visit us, always enter www.citicards.ca.
Sample Email
Below is a fraudulent email that was sent to a customer. Although it looks like it's from Citibank, it is not. To visit us, always enter www.citicards.ca.
Example of SMishing Text Message:
/ Congratulations! Your CITI Card Cashback Bonus is ready to be redeemed! Simply call 877-240-2505 to redeem.
Check Email for Security
Please note that Citi will never ask you for your PIN number, and will never include your full account number, password or social insurance number in an email--only the last four digits. If you receive an email claiming to be from Citi that includes or asks for your full account number, password or social insurance number, do not respond to it. Instead, forward it to 
.
Report Email and Text Message Fraud
If you suspect that an email or text message appearing to be from Citi is fraudulent, forward it immediately to . An Internet Security Specialist will investigate. If you have replied to an email or text message with personal information, and now believe the communication to have been fraudulent, call us at the toll-free number on the back of your card. We will issue a replacement.
If you have provided personal information in an email that you now think was fraudulent - please contact us immediately:
Citi Cards Canada:
1-866-870-4344 toll free in Canada and the US
Citibank Canada:
1-800-387-9292 toll free in Canada and the US or
Within Toronto area, call 416-947-4100.
Register for Citi Cards Online and review your account frequently. Report irregularities immediately by calling us at the toll-free number on the back of your card.
Only send sensitive information on a secure website like ours, where you can be sure that your information is encrypted. (Emails are not encrypted and are much like sending a post card; anybody can intercept and view them.)
Look for the locked padlock symbol on the bottom bar of your browser to ensure that a site is running in secure mode BEFORE you enter sensitive information.
Monitor all your financial transactions. Review order confirmations and credit card statements as soon as you receive them. Make sure you're being charged only for transactions you made. Report unauthorized transactions immediately by calling us at the toll-free number on the back of your card.
Make sure that websites where you do business post privacy and security statements. Review them carefully.
Citi.ca is the source of information about financial services provided by the Citi family of companies in Canada
Copyright © 2010 Citigroup Inc.
