If you've received one of those e-cards in circulation that appears to be from a friend, co-worker or admirer, then you're not alone. But if you clicked on one of these cards, or worse, obeyed instructions in the card to download software in order to read the card, then you've probably been suckered.

According to security sources more than 250 million of these e-cards were received in July alone, as part of a massive and global id theft scam.

On the Today Show this morning, a security firm demonstrated how easy it was for a hacker to send  a legitimate card to himself, modify it so it hides an information-stealing Trojan, and then forward it to other users.

In the demo on the show, a security firm sent a modified card to an unsuspecting employee at a credit union who promptly opened it, downloaded the malicious software, and gave the software complete control of his hard drive (which also included his password and likely access to the credit union's customers.)

So if you receive one of these cards, best thing is to ignore it. If you recognize the sender, call or email them and thank them. But don't be tempted to install any software even if the card says you need to in order to enjoy the experience.