mainsleaze

Now Citibank India benefits from phishing friendly mainsleaze spamvertizements

Citibank India has in all likelihood joined the growing list of phishing friendly mainsleaze spamvertizing financial institutions in India.

Sanitized version of the e-mail received from a spam operator in my inbox.
<Quote>
Welcome to Citibank Credit Cards,

For the first time in India, Credit Card application goes completely online!

This is FASTEST way to get a FREE-FOR-LIFE Citibank Credit Card.

^ No Documentation Required
^ No Calls At All- Its a completely ONLINE process

All you need to do is fill out the simple form below.
On approval, your credit card will be delivered to the mailing address provided.
Click HERE to Register

To remove from mailing list click here
</Quote>

Analysis
From Address: "Deepti Roy". Doesn't mean much; could be a Joe Job.
Un-subscribe drop box: mailto:apna1.loan@gmail.com?subject=remove
Actually a spam drop box on Gmail to collect verified e-mail addresses for another mainsleaze shot.

Embedded tracker Image: http://www.netnivaran.org/etrack?eid=EMAILID&mid=CITI
Hosted on Windows shared hosting at rediff.com
Also, the e-mail was apparently sent using rediff hosting.
Received: from winhosting11.rediff.com (winhosting11.rediff.com [202.137.236.64])
Also evident from the e-mailing done using "X-Mailer: Microsoft CDO for Windows 2000"

Redirection URL: http://www.s2d6.com/x/?x=c&z=s&v=XXXXX
Apparently the domain is hosted on an IP that belongs to "Deal Group DGM Platform"

Could it have been a joe-job on Citibank India? Doesn't look likely to me.
The target landing page is here with an HTTPS URL
https://www.online.citibank.co.in/portal/citiin/forms/citi_focuscards_index.jsp?eOfferCode=DGMtracker
and is displayed as the following screenshot
[Screenshot: mainsleaze landing page, Citibank India]
Shudder: They ask for the existing relationship number with Citibank on their site after a person reaches the landing page over there through a mainsleaze spamvertizement. How much more phishing friendly can a bank get?
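
The checks from the analysis above, written as a mail-triage function (an added example, not part of the original post). The sample message is constructed from the values quoted above with a placeholder sender address; `triage`, `FREEMAIL` and the brand-domain list are hypothetical names chosen for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlparse, parse_qs

FREEMAIL = {"gmail.com", "yahoo.com", "hotmail.com"}  # assumed, illustrative list

# Constructed sample built from the values quoted in the analysis;
# the From address is a placeholder (the original was sanitized).
SAMPLE = """\
Received: from winhosting11.rediff.com (winhosting11.rediff.com [202.137.236.64])
From: "Deepti Roy" <sender@example.invalid>
Subject: Welcome to Citibank Credit Cards
X-Mailer: Microsoft CDO for Windows 2000
Content-Type: text/html

<a href="http://www.s2d6.com/x/?x=c&z=s&v=XXXXX">Click HERE to Register</a>
<a href="mailto:apna1.loan@gmail.com?subject=remove">click here</a>
<img src="http://www.netnivaran.org/etrack?eid=EMAILID&mid=CITI">
"""

def triage(raw, brand_domains):
    """Return (kind, detail) findings for one raw message (hypothetical helper)."""
    msg = message_from_string(raw)
    findings = []
    for received in msg.get_all("Received", []):
        relay = re.search(r"from\s+(\S+)", received)
        if relay:
            findings.append(("relay", relay.group(1)))
    if msg.get("X-Mailer"):
        findings.append(("x-mailer", msg["X-Mailer"]))
    for attr, url in re.findall(r'(href|src)="([^"]+)"', msg.get_payload()):
        u = urlparse(url)
        if u.scheme == "mailto":
            # Unsubscribe address at a free-mail provider rather than the brand
            if u.path.rsplit("@", 1)[-1].lower() in FREEMAIL:
                findings.append(("freemail-unsubscribe", u.path))
            continue
        host = (u.hostname or "").lower()
        on_brand = any(host == d or host.endswith("." + d) for d in brand_domains)
        if attr == "src" and u.query:
            # Remote image carrying query parameters: likely per-recipient tracker
            keys = ",".join(sorted(parse_qs(u.query)))
            findings.append(("tracking-image", f"{host} params={keys}"))
        elif not on_brand:
            findings.append(("off-brand-link", host))
    return findings

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE, ["citibank.co.in"]):
        print(f"{kind:22} {detail}")
```

A message that names a bank in its subject yet yields relay, freemail-unsubscribe, tracking-image and off-brand-link findings together matches the pattern described in this post.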

More fun, received more spamvertizement trying to promote shine.com from the same set of morons hosted on rediff and redirection url on the same domain s2d6.com.

Action Taken: Sent an abuse report to Rediff and awaiting response.
Update: 30th May 2008: No response received from Rediff. Welcome to problem free spamhaus in India.

Mainsleaze spamvertizements on orkut by shine.com a job portal launched by a subsidiary of HT Media

HT Media wholly owned subsidiary Firefly e-Ventures joins the list of mainsleaze spamvertizers using orkut profile visitor spam for promoting their job portal shine.com.

And clicking on the link in image above lands on the page whose screenshot is shown below.

Sure I gave them some benefit of doubt until I did a full text search on orkut for stickiwicket

Now there is something really wrong at so many levels with so many single, female(s) having a spamvertizement as their homepage url and then visiting a lot of orkut profiles expecting a pingback.

I also noticed that many of the profiles in orkut full text search have changed their homepage url to none after it had been the shine.com spamvertizement link suggesting that perhaps there was some form of profile hijacking which set the homepage url to spamvertizement link and then probably changed back by the owners of the profiles. Needless to say that orkut search index is a few hours behind the actual profile information.

A lot of young people share their email identity authentication information with shady sites which probably provide them with some extra functionality for scrapping on orkut but are not aware of the pitfalls awaiting them.

An explanation of orkut profile visitor spamming technique

Orkut allows a profile owner to view last 5 visitors. This is exploited by many shady businesses run by spammers who create fake profiles of 'hot, single, female's and mention the spamvertizement link in about me, location etc. fields of this fake profile. Worst part is such profiles have their scrapbook filled with zillions of frustrated 'single,male's who somehow hope against hope that there is some real person who loves to add spamvertizement urls to their profiles. This behavior is described better here.
Once a fake profile is added as a connection (friend), it opens you up to more spamvertizement URLs in your scrapbook.

http://digg.com/tech_news/HT_Media_spamming_Orkut_for_job_portal_Shine_com

Update: They have been spamming full-blown ever since, received a whole ton of spam from them till now even though I never registered with them.
