I’m not a security expert, but this warning at the Citicards site was quite a shock:
Customers using comment or blog tracking services on their computers run the risk that information submitted here could be displayed on those websites. Please disable your comment and blog tracking service before using Citi Cards Message Center.
Is this a real danger? What do you think?
Update (11/19): Several commenters here and on TechCrunch confirm what I thought myself: the warning likely refers to “tracking” products that offer a browser plug-in. In this case I was using FireFox with the BlogRovr plugin turned on. I know coComment offers a plugin, and whoever else does … well, Citibank considers it a security risk. Hm… food for thought.
Update #2: Wow, apparently this has been a well-documented problem for at least half a year, so Citi’s solution is to finally put up a warning message.