Home>About "Phishing"

About Phishing

Phishing - Beaware
What is 'phishing'?
Internet and email users across the world are often targeted by an internet scam called "Phishing". Emails are sent by fraudsters intending to collect critical personal and financial information through a fraudulent email that appears to be from a legitimate bank.
These e-mails look genuine and always contain a link to a "spoofed" website asking you to provide update or confirm sensitive personal information.
These emails are commonly called 'phishing' e-mails.
What "phishing" emails are after?
  • Password or PIN
  • Credit card validation (CCV) code
  • ATM/Debit Card or Credit Card number
  • Social Security Number (SSN)
  • Bank Account number
Even if you do not provide what they ask for, simply clicking the link could subject you to background installations of key logging software or viruses.
Key logging is another method to capture your personal information. Here's how it works. You click on a link to a website or open an attachment that secretly installs software on your computer. Once installed, it records everything you type, including any User name, Password and account or personal information. Fraudsters know how to retrieve this information, or even set it up to automatically have it sent back to them! This is a very real risk when using public or shared computers such as those in Internet cafes.
How to identify a "phishing" email
Although there's no foolproof formula for spotting a spoof e-mail or web site, these signs should arouse your suspicion.
  • There may be a sense of urgency in the email with messages like
    a. "for security and maintenance of your account"
    b. "for investigation of irregularities.",
    c. "your account has been frozen",
    d. "we need to reconfirm your details",
    e. "your credit card has been cancelled" or even
    f. "you have a large sum of money in your account, please verify the withdrawals."
This is intended to increase the likelihood of you clicking on the hyperlink to sign on or complete a set of questions.
  • There are embedded links that look legitimate because they contain all or part of the real company's name.
  • There may be obvious spelling errors. These help phishing emails avoid the spam filters that most Internet Service Providers use.
Citibank will never send you an email asking for your confidential or sensitive information like Username, Password, PIN, Mothers maiden name, Date of Birth etc.
What you need to do if you receive a fraudulent email
  • If you receive an email claiming to be from Citibank asking for your financial or confidential information, please do not respond.
  • Forward the fraudulent to spoof@citicorp.comand call our 24-Hour CitiPhone Banking Service at 17 58 2484(Citi). This will enable our Information Security regulators to shut down the fraudulent website.
  • After forwarding the email, you should delete it from your inbox.
  • In case you have already responded to the email providing confidential information/ details pertaining to you, please ensure that you immediately re-set your Citibank Online User Name, Password and ATM PIN by signing onto Citibank Online. You are also advised to check your accounts for any suspicious transactions by either calling our 24-hour CitiPhone Banking Service or by signing on to Citibank Online.
Important Tips to Protect Yourself
  • Whenever you use a link to access a website, be sure to check the website address. Our website address shows as www.citibank.com/bahrain on your browser and you are advised to type this URL or save it as a bookmark on your browser for any future reference.
  • Sign on to Citibank Online regularly - at least once a week - and monitor your account details to see if there are any transactions you do not recognize.
  • Register for Citibank Alerting Service. Account alerts are delivered to your mobile phone or email address with updates on your account balance, bill payment, etc. which will help you flag suspicious activity.
  • Change your Citibank Online Username and Password periodically - every 30 to 60 days is recommended. You can change this by signing onto Citibank Online.
  • Use a strong password - at least 6 to 8 characters consisting of characters, numbers and symbols. Example of a strong password - 5occerfan1963, mar28mbdd.
  • Update your anti-virus software regularly. Anti-virus softwares need frequent updates to guard against new viruses, so be sure to download updates as soon as they are available.
  • Use a personal firewall. Many ISPs (Internet Service Providers) offer this feature, which protect your home computer against unauthorized access by hackers.
Should you require further assistance, please call our 24-hour CitiPhone Banking Service on 17 58 2484(Citi) and a CitiPhone Representative will be glad to assist you.
Exclusive Promotions The best brands just for you!