The technique, known as spear-phishing, lures potential victimsby appearing to come from a trusted source, such as a member of theIT staff at the same company. The email may ask for usernames,passwords and other personal information or redirect recipients toa bogus version of the company website or intranet. "Those whoreply to these messages will inadvertently be supplying informationthat the phisher can use for malicious purposes, such as identityfraud," the company explains.

Spear-phishers can generate the email addresses of potentialvictims through trial and error, or by exploiting a list ofemployees on social networks like Facebook or LinkedIn. The bottomline: Think twice before responding to any email or text message,even if it seems like it's from a trusted source.

Still not convinced there's a need for caution? Consider thesefacts from SophosLabs just released midyear security threatupdate:

• Total number of different malware (virus) threats in existence:more than 11 million
• New web infections: one new infected webpage discovered everyfive seconds
• Spam-related webpages: one new page discovered every 20seconds
• Top malware-hosting country: US with 38%
• Top spam-relaying continent: Asia with 35%
• Email with infected attachments: 1 in 2500
• Spam in business email: 97%
• New types of spam: Cell, Facebook and backscatter spam
• Top host for malware: Blogger (Blogspot.com