Nearly 300 email fraud and phishing attacks were launched last month including 58 on Citibank and 42 on PayPal. Phishing attacks involve the mass distribution of spoofed email messages with return addresses, links, and branding which appear to come from banks, insurance agencies, retailers, or credit card companies. These fraudulent messages are designed to fool the recipients into divulging personal data such as credit card numbers, bank account numbers and passwords, social security numbers, etc. Because these emails look “official,” between 1% and 5% of recipients may respond to them. Tumbleweed Communications and the Anti-Phishing Working Group says the February attacks were up 60% compared to January and up 163% over December. Therefore, there were an average of 9.7 new, unique attacks sent out to millions of consumers each day. This week, the U.S. government nailed a spammer who posed as AOL and Paypal to facilitate credit card fraud. The U.S. Justice Department obtained a criminal conviction against Zachary Keith Hill of Houston and he is now awaiting sentencing. Hill sent out emails such as “AOL Billing Error Please Read Enclosed Email,” and “Please Update Account Information Urgent!” The emails took consumers to a spoofed AOL Web site. The defendant asked consumers to provide information such as their names and mothers’ maiden names, billing addresses, SSN, DOB, bank account numbers, and bank routing numbers. The defendant also asked consumers to provide their AOL screen names and passwords. The FTC alleges that the defendant used the information that consumers submitted to establish new credit card accounts, make unauthorized changes, and make purchases using the unwitting consumers’ credit information. The PayPal scheme worked in a similar way, with the defendant using the PayPal passwords that consumers provided to access consumers’ PayPal accounts and to purchase goods or services on their accounts. The Web site of the Anti-Phishing Working Group is “www.antiphishing.org”:www.antiphishing.org.