Citibank has an email problem. Want to see it? Go to citibank.com. Click on “Contact Us,” near the top right-hand corner of the homepage. Then click “Send an Email” on the right side of the page.
What you see is a warning from your browser that you may be following a link to an unsafe site.
If you choose to click through anyway, you’re sent back to Citibank’s homepage. This is, umm, how should we put it?… a sub-optimal user experience.
The security shortcomings at Citi deserve particular attention considering the denial-of-service attacks on bank websites from Iran in recent days.
The problem with the Citi site appears to be easy to fix, in fact. When trying to click through to Citi’s email form using Google Chrome, that browser indicates that the link domains are mismatched. Specifically, the user is attempting “to reach www.citi.com, but instead you actually reached a server identifying itself as www.citibank.com.” According to Chrome, “this may be caused by a misconfiguration on the server or by something more serious.”
If you look carefully at Citi’s Contact Us page, you’ll see that Citibank requests that users log in before attempting to contact the bank. It might be the case that users who are logged in to the Citi site (meaning active customers) might be able to use the email form without the error messages, but we can’t confirm that. Suffice it to say, something is wrong with the Citi site, and it is time to tidy up this little mess.
UPDATE: On February 1, 2013, a representative told us that Citibank had fixed this problem. Email away!