When Citibank’s managers presented credit cards six months ago, they never expected that Citigroup’s first encounter with “fishing” would be in Russia.
Photo: Alexey Kudenko
|
 |
“Fishers” Spread Their Nets to Citi
// A New Type of Card Fraud in Russia
Internet Technologies
Citibank distributed a statement yesterday denying it was involved in a mass e-mailing of letters requesting more precise plastic card information. A client who clicked on the link ended up on a phony Citibank website where he was asked to enter his card number and PIN code. This type of fraud is known as “fishing” in the West, but this was the first such case in Russia and a number of clients have already taken the bait.
As of April 1, 2004, Citibank ranked 11th among Russian banks in net worth (8.96 billion rubles) and 13th in amount of net assets (57.79 billion rubles). It is in 35th place among the most retail-oriented Russian banks with 3.6 billion rubles attracted to accounts.
Yesterday Citibank Russia distributed a statement signed by its president Allan Hirst denying it was involved in electronic fraud. The matter concerned a mass e-mailing of letters in Russia, allegedly on behalf of Citibank, requesting more precise plastic card information. A client who clicked on the link contained in it ended up on an exact mirror copy of Citibank’s website, where he was asked to enter personal information supposedly lost as a result of a technical system failure, e.g., card number and PIN code.
“These messages were actually sent to Citibank clients by frauds,” the bank warns in its statement. “Under no circumstances does Citibank ever use e-mail to obtain confidential information from its clients.” There are tens of thousands of Citibank cardholders in Russia. However, the letter did not only reach Citibank clients and cardholders of other banks might also have been caught.
Thus it is still difficult to estimate the extent of the fraud. Mass e-mailings allegedly on Citibank’s behalf have been going on for at least three months—at least, Kommersant employees have been receiving the letters since winter. So far, Citibank has not registered any cases where its clients have suffered losses from this fraud, although according to Kommersant’s information, a number of cardholders have entered their information on this site.
In the West, these schemes are known as “fishing”. Two weeks ago, English police announced they had caught the first fraudster involved in this scheme. A 21-year-old British citizen whose name was not released in the interests of the investigation was caught during authorization of “client” information obtained from the Smile virtual bank owned by Co-Operative Bank.
According to police information, about half a million depositors had entered their card numbers and PIN codes on the phony site. After that, money could be drawn from the cards through Internet stores, or by means of telephone or mail authorization, which is widespread in the West. The most dangerous thing about this type of fraud is that operations using a PIN code are generally impossible to dispute and liability for carrying them out lies with the cardholders.
Appearing on the list of victims for last year are major banks such as Barclays, Lloyds TSB, and NatWest. Citibank has never before been on the list of “fishing” victims. Citibank’s Russian branch was not only the first bank in Citigroup, but also in Russia to have these letters sent in its name. Citibank President Allan Hirst promised that, “in the event of receiving notification from clients of a loss of funds, Citibank is prepared to act in the interests of the client on an individual basis in evaluating each notification.” However, the client’s best chance of keeping his money in this case is to block the card on time.
Nadezhda Pomerantseva
All the Article in Russian as of May 19, 2004
|
|
|
