The technique, known as spear-phishing, lures potential victims by appearing to come from a trusted source, such as a member of the IT staff at the same company. The email may ask for usernames, passwords and other personal information or redirect recipients to a bogus version of the company website or intranet. "Those who reply to these messages will inadvertently be supplying information that the phisher can use for malicious purposes, such as identity fraud," the company explains.

Spear-phishers can generate the email addresses of potential victims through trial and error, or by exploiting a list of employees on social networks like Facebook or LinkedIn. The bottom line: Think twice before responding to any email or text message, even if it seems like it's from a trusted source.

Still not convinced there's a need for caution? Consider these facts from SophosLabs just released midyear security threat update:

• Total number of different malware (virus) threats in existence: more than 11 million
• New web infections: one new infected webpage discovered every five seconds
• Spam-related webpages: one new page discovered every 20 seconds
• Top malware-hosting country: US with 38%
• Top spam-relaying continent: Asia with 35%
• Email with infected attachments: 1 in 2500
• Spam in business email: 97%
• New types of spam: Cell, Facebook and backscatter spam
• Top host for malware: Blogger (Blogspot.com