I got a pretty good attempt in my email from "SmithBarney" I was suspicious so I looked at the originating address in the header, finding that it was from Korea. I sent the header to Smith Barney and got a quick reply:
Thank you for contacting the Smith Barney Access Help Desk.
The e-mail you received is fraudulent and it should be deleted from your e-mail inbox without opening it. Citigroup security has identified the website host and initiated actions to shut down the website. The Smith
Barney Access homepage carries an Alert about fraudulent e-mail, along with a link to a page that displays the e-mail in question and addressing
the more general topic of e-mail Phishing. The alert links users to https://www.smithbarney.com/security.html#fraud where they can view our example of the phony e-mail and the fraudulent web page. If you would like
to forward the e-mail, please do so at firstname.lastname@example.org. If you responded to the e-mail, please contact the FMA Client Service Center
at 1-800-634-9855 and state that you provided information to the "Phishing" e-mail. You will then be asked what information was submitted, and the Call
Center will take the proper steps to determine if your account was compromised.
The privacy and security of your account information are important to us and we have taken a number of technological and procedural steps to help
provide for a secure environment.
If you are not a Smith Barney client, please delete the email.