Social engineering in play. It is imperative that people do not reveal critical information about themselves over a non-secure internet connection. Information like username, passwords, bank accounts, creditcard numbers.

Few days ago I received a mail from an anonymous source impersonating as a bank and requesting for personal and critical information - bank username and password. Unbelievable. The very existance of this mail proves that there are some gullible people out there who could be hoodwinked into giving such critical information.

Take a look at a sample...

Dear Citibank Member,

This email was sent by the Citibank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it.

To verify your e-mail address and access your bank account, click on the link below.

www.citibank.com/?5yUECGu0WzFspKLIk5Xr4d03r4n5e87jsXq5HTAsvTIXrp7qCxfn06m60

Alarming, isnt it!