Threat actors have launched a massive phishing campaign using fake account suspension alerts targeted at Citibank customers in an effort to exfiltrate sensitive personal information, according to BleepingComputer.
Bitdefender reported that the phishing emails, which feature Citibank logos and seemingly legitimate sender addresses, warn recipients that their accounts have been put on hold as a result of suspicious login attempts or transactions and advise them to immediately verify their accounts to prevent permanent suspension. Clicking the embedded button in the email redirects victims to a website spoofing a legitimate Citibank portal, where they are asked to sign in.
American users have been targeted in 81% of the phishing messages in the campaign, while 40% of emails have originated from U.S.-based IP addresses, said the report.
Bitdefender also discovered that Citibank was used in another wide-scale phishing campaign, from February 11 to 15, that lured recipients into believing they were eligible for $5 million in compensation from the United Nations.