Citibank is Phishing Me – Do Banks Never Learn?

Phishing is a huge problem and you would think banks know better.

What is Citibank thinking? The email I just received contains:

Link text:

Actual link (see status bar):….4CA8377332533513….

Link destination:…

Login form? Check

Citibank logos all over the place? Check

Domain that isn’t Check

SSL certificat not issued to Citibank? Check

So this must clearly be a phishing email, right? Actually I think it’s not. But it’s definitely not very smart.

Citibank has some instructions so I will report this as phishing. Let’s see what their reply is…