A relatively sophisticated scam is targeting Citibank customers in Australia.
Security company Mailguard has warned of a new scam campaign designed to gain control of its victims' bank accounts.
The initial contact is in the form of an email warning that "Your account has been temporarily limited", with a link to a replica of Citibank's login page, one that Mailguard describes as "highly realistic".
After accepting the user ID and password, the fake site asks the victim to "confirm" (that is, reveal) their date of birth and mobile phone number.
It then says a one-time PIN has been sent to the victim's phone. What Mailguard believes is actually happening behind the scenes is that the scammers log into the real Citibank site with the stolen credentials and start a transaction.
That causes Citibank to send a genuine one-time PIN to its customer, who then types it into the fake site. The scammers then use the PIN to complete their fraudulent transaction.
According to Mailguard, the two main clues that this is a scam are that neither the email's reply address nor the URL of the fake site starts with Citibank's domain.
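As an added illustration of the clue Mailguard describes (this is not code from the article or from Mailguard), the check below parses a constructed sample of such an email and flags any From or Reply-To domain and any link host that is not under the bank's registrable domain; `citibank.example` is an assumed placeholder, since the article does not give the real domain. It goes one step past a literal "starts with" test: a host such as `citibank.example.verify-login.test` begins with the bank's name but belongs to someone else, so the comparison is done on whole DNS labels.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed placeholder for the bank's real registrable domain; not from the article.
BANK_DOMAIN = "citibank.example"

# Constructed sample mirroring the campaign: an "account limited" lure whose
# Reply-To and login link sit on an attacker-controlled domain that merely
# begins with the bank's name.
SAMPLE_EMAIL = """\
From: Citibank Online <alerts@citibank.example.verify-login.test>
Reply-To: support@verify-login.test
Subject: Your account has been temporarily limited
Content-Type: text/html; charset=utf-8

<html><body><p>Your account has been temporarily limited.</p>
<p><a href="https://citibank.example.verify-login.test/login">Restore access</a></p>
</body></html>
"""


class LinkExtractor(HTMLParser):
    """Collect href targets of anchor tags in the HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]


def host_belongs_to(host, domain):
    """True only if host equals domain or is a label-wise subdomain of it.
    A naive prefix check would wrongly accept citibank.example.verify-login.test."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)


def find_domain_mismatches(raw_message, bank_domain=BANK_DOMAIN):
    """Return (where, host) pairs for sender/reply-to domains and link hosts
    that are not under bank_domain; an empty list means nothing looked off."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    for header in ("From", "Reply-To"):
        for addr in (msg[header].addresses if msg[header] else ()):
            if not host_belongs_to(addr.domain, bank_domain):
                findings.append((header, addr.domain))
    body = msg.get_body(preferencelist=("html", "plain"))
    extractor = LinkExtractor()
    extractor.feed(body.get_content() if body else "")
    for link in extractor.links:
        host = urlparse(link).hostname or ""
        if not host_belongs_to(host, bank_domain):
            findings.append(("link", host))
    return findings
```

A mail gateway or a cautious reader applying the same rule would have flagged all three fields in the sample; a message whose sender, reply address and links all sit under the bank's domain returns an empty list.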
Following links in unexpected emails is always risky; for critical online services such as internet banking and email, it is best to type the URL directly into the browser.
Mailguard claims it blocked this email campaign before it could reach any of its customers.