The surge in the number of phishing attacks on financial services companies continued without letup in June, topping 1,000 attacks. Once again Citibank was the most targeted with 492 attacks compared to 370 in May, and 34 in January. Of the more than 1,400 total attacks reported to the Anti-Phishing Working Group in June, 92% used forged ‘from’ addresses. The number of attacks on the financial services sector hit 1,099 compared to 848 in May, 832 in April, 256 in March, 131 in February, and only 17 in January. Phishing attacks use “spoofed” e-mails and fraudulent Web sites to fool recipients into divulging personal financial data such as credit card numbers, account user names and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers, ISPs and credit card companies phishers are able to convince up to 5% of recipients to respond to them.