[X4U] Safari vulnerability test fails

Xavier Noria fxn at hashref.com
Thu Dec 9 08:57:28 PST 2004

On Dec 9, 2004, at 5:39 PM, Robert wrote:

> I personally don't trust any thing to do with the name Citibank and 
> internet. It seems like every second week i get an email from them 
> asking for all kinds of information relating to a bank account that I 
> don't have. They, who ever is doing this,  is trying to get credit 
> card info, pin numbers etc. I think that they are trying to get info 
> so that they can steal from me. In fact last week on our local news 
> these emails and people getting ripped off. Who ever is doing this 
> wether it is citibank or someone else is using citibanks logo to make 
> it look real. My opinion I think that they are trying to find out as 
> much as they can by scanning your computer so that they can steal from 
> you. Bob

Normally those emails pretending to be from Citibank, eBay, PayPal, 
etc. have a URL that _seems_ to point to their respective domains, but 
that uses some tricks that are not obvious unless you know something 
about URLs to actually bring you to somewhere else.

Of course, that "else" is likely not to be a ONG, but a malicious 
server that has nothing to do with the actual companies. You are in a 
page that resembles one from the original site (that's very easy to 
imitate), whith a form whose input goes right into the impostor's 

So NEVER trust those mails.

-- fxn

More information about the X4U mailing list