Virus protectionProtect your computer by ensuringyou have an effective virus protectionprogram that you regularly keepupdated.

For furtherinformation

Visit www.citibank.com and click onthe section marked “about e-mailfraud.” Additional information can befound at www.antiphishing.org

How to report a‘phishing’ attack

related to CitibankGo to www.citibank.com, click on“about e-mail fraud” (bottom ofhomepage) and go to “report aspoof.” Alternatively, you can visityour local Citibank website.

© Citigroup Inc. 2004

rev0

70

4

‘Phishing’

Spyware

‘Phishing’plus

Spywarei.e

‘keyloggers’

and ‘trojans’

Use of Spyware –i.e. ‘keyloggers’

and ‘trojans’Criminals are also responsible for theuse of spyware (‘keyloggers’ and‘trojans’) – software that is secretlyinstalled onto your computer and iscapable of capturing your keystrokesor searching your computer foraccount details or credit card details.

The criminals embed spyware in awebpage, e-mail, spam mail orattachments, and when you open theinfected item, the software is secretlyinstalled onto your computer.

Delete suspicious e-mails withoutopening them and don’t opensuspicious attachments, even if theyappear to have come from someoneyou know.

Citigroup Security andInvestigative ServicesFraud Management Program Office

Citigroup Security andInvestigative ServicesFraud Management Program Office

What is ‘phishing’?The more you use the internet, the more you rely on its convenience for services suchas banking, online shopping and others.Unfortunately, the internet is also exploitedby criminals who send out e-mails thatpurport to come from one of those services.These e-mails look surprisingly genuine, andare commonly called ‘phishing’ e-mails.

How to recognize a ‘phishing’ e-mail

You may receive an unexpected e-mail from your bank or one of the other servicesyou use, but actually it will be someoneposing as your bank or service. It usuallyasks you to send your account detailsand sometimes your PIN either by returnmail, or through a website. You could beencouraged to navigate to thatwebsite via an embedded hyperlinkwithin the e-mail.

The criminals cleverly attempt to trick you by using words such as “security and maintenance” or “investigation ofirregularities.” They might say things like“your account has been frozen”, “we need toreconfirm your details”, “your credit card hasbeen cancelled” or even “you have a largesum of money in your account, please verifythe withdrawals.” This is intended toincrease the likelihood of you clicking on thehyperlink to log in or complete a set ofquestions.

What you need to know

If your PC is not adequately protected withup-to-date virus and firewall software, or isnot regularly ‘patched’ with software fixes,be wary of clicking on a hyperlink embeddedin an e-mail. If you need to go to yourbanking or online shopping service, ensurethat you manually type their advertised webaddress into the web address line.

Your bank will never ask for information or your confidential PIN via an e-mailinstruction, so don’t panic. Resist thetemptation to reply or follow the e-mailinstructions – even if you are being told thatyour account has been frozen or cancelled,or that you may incur a financial penalty.

If you are suspicious, contact the companycited in the e-mail using a telephone numberyou know to be genuine and verify the e-mail – do not reply to the possible‘phishing’ email.

Although secure websiteaddresses begin with

https: (“s” indicating theyare secure) and have the

padlock icon on the bottom right, thesecriminals have been able to “spoof” thesefeatures, and you cannot rely on them totally.When you double click the padlock icon, a dialogue box will appear indicating who owns the license, e.g., "Issued towww.citibank.com." However, criminals usefraudulent pop-ups with legitimate web sites (pop-ups are windows that suddenlyappear and contain a menu of commands) to capture personal information, andsometimes the pop-ups appear to be log-inscreens. Therefore, absolute reliance on thepadlock icon can be risky.

BEWARE:

Protect yourcomputer with

up-to-date virussoftware.

Delete suspicious e-mails withoutopening them.