If you've received one of those e-cards in circulation that appears to be from a friend, co-worker or admirer, then you're not alone. But if you clicked on one of these cards, or worse, obeyed instructions in the card to download software in order to read the card, then you've probably been suckered.

According to security sources more than 250 million of these e-cards were received in July alone, as part of a massive and global id theft scam.

On the Today Show this morning, a security firm demonstrated how easy it was for a hacker to send  a legitimate card to himself, modify it so it hides an information-stealing Trojan, and then forward it to other users.

In the demo on the show, a security firm sent a modified card to an unsuspecting employee at a credit union who promptly opened it, downloaded the malicious software, and gave the software complete control of his hard drive (which also included his password and likely access to the credit union's customers.)

So if you receive one of these cards, best thing is to ignore it. If you recognize the sender, call or email them and thank them. But don't be tempted to install any software even if the card says you need to in order to enjoy the experience.

One of the collateral costs of identity theft that I’ve talked about for years is the impact on trust. As consumers it’s so hard to tell whether those emails or phone calls asking for account confirmation or password information are from legitimate companies or from crooks, the safest option is not to trust anyone.

The same trust issue arises at work, when we shop, eat at restaurants, even allow others to use our computer. So it continues to irk me how one of the biggest players in the middle of the id theft epidemic – credit card companies – are deliberately creating marketing strategies that only further erode this trust.

Today I received a letter from Discover Card thanking me for signing up for a payment protection service that’s supposed to help cover my credit card payments should I fall ill. The letter said nothing about when I signed up, how I signed up, or even how much it cost. To make matters worse, I never ordered such a service. Never would, don’t need them, and don’t trust them.

So when I called Discover Card the operator reminded that I should have received a phone call some days earlier explaining the service and asking me to acknowledge that I received the call.

The operator went on to say that in that call the Discover representative would also have informed me that my “yes” answer to “acknowledging” that I had received the call would also automatically enroll me in a 30-day trial of the payment protection program.

And I did remember that call, and how surprised I was when the representative asked me simply to confirm that the program and its benefits had been explained to me. And there was the gotcha. Of course the representative never mentioned the 30-day trial or my automatic enrollment.

Later that day, as expected, a charge of $53 appeared on my Discover Card statement for their payment protection program. I’m assuming it’s $53 per month and not per year – again I’ve received no explanation of the cost of the service I never ordered.

There is little more than a marketing strategy deliberately build around dishonesty. I didn’t ask for the service and in fact specifically stated that I didn’t want it (another credit card company had called me only a week earlier with the same pitch and I told them where to go to – guess I had better check that statement too).

So to enroll me in it anyway is nothing short of dishonesty, and possibly fraud. No doubt Discover’s defense would either be that I did agree to accept the 30-day trial and just didn’t remember, or the representative made an error and will be disciplined/reprogrammed/taken outside and whipped etc.

What makes matters worse is that we’ve known for years that the credit card industry constantly strives to create new marketing strategies that will con, dupe or confuse consumers into paying for things they don’t want and didn’t ask for.

And yet as the guardians of some of our most sensitive financial information they continue to plead for our trust and confidence.

Speaking personally, my trust is shot. I don’t trust any call or email that purports to be from any financial organization because it’s too hard to tell the difference. But when I can tell the difference and determine that it really is my bank or credit card company, I trust it even less.

In many ways the greed, stupidity, and dishonesty of the financial industry makes them a powerful ally to identity thieves worldwide.

Because Internet identity theft continues to be a worldwide problem, the sanctuary of safe online surfing may seem like a distant dream.

Every day brings either a new identity theft threat or a new and more creative version of an old scam. Thieves have good reason to be more creative — technology is getting better at stopping scams, law enforcement is better at identifying culprits, and consumers (at least some of them) are becoming more aware and taking steps to prevent identity theft.

But another reason thieves are becoming more creative is because there’s a lot of money at stake. More consumers, more high-speed Internet connections, more credit cards and more online stores means lots more business opportunities.

Security experts that track hackers and identity thieves regularly report online stashes containing credit card information worth millions — information that’s being offered for sale on the hacker black market. Ask yourself this…what would happen if your personal information somehow ended up in one of those stashes?

It’s no wonder we don’t seem to be making much headway on many security fronts. The number of identity theft victims annually seems to have leveled off lately and may even be falling. That could be because victims are not coming forward as much because their credit card companies or banks have reimbursed them fully for any losses, and they therefore don’t see themselves as victims. But someone’s paying for all that zero-liability — and it’s usually folks like you and me.

But while the battle rages on, there are still plenty of things you can do to help prevent Internet identity theft.

One of the most important identity theft protection steps you can take is to keep up-to-date with patching your browser. Patches are essentially repairs to fix recently discovered vulnerabilities. Hackers and identity thieves are very quick to develop and deploy tricks to exploit these vulnerabilities, and if you visit an infected web site with a vulnerable browser, these sites can infect your computer with everything from bots and Trojans to password-stealing keyloggers and spyware.

All good browsers, including Microsoft Internet Explorer and Mozilla Firefox, make it easy to have your browser automatically check for and install any new patches.

Bogus and pharming web sites are also on the rise, and many of them simply take advantage of busy users who mistype a URL into their browser.

Hackers are known to register thousands of domains with similar spellings to popular web sites, and users who accidentally mistype a URL may end up on a password-stealing web site that looks identical to their bank web site. Once they reach the bogus site, users are just a few keystrokes away from falling victim to identity theft and fraud.

And whether you surf from home, from work or from your favorite coffee shop, make sure you keep any personal or sensitive information on your computer to a minimum.

There are so many ways thieves can access your hard drive, the best identity theft protection is to have as little valuable information as possible on your computer. So don’t risk exposing your personal information unnecessarily.

There seems to be no end to the string of data breaches that almost daily expose our personal data to potential abuse. What's more disturbing is that many if not most data breaches are the fault of employees and insiders. Possibly someone just like you.

In two of the most recent cases, a Disney contractor was arrested for trying to sell customer names and credit card numbers on the internet, while a database administrator of a major check clearing company was charged with stealing and trying to sell nearly 3 million customer records.

So I did a quick study of the most recent data breaches and guess what? Out of 31 publicly reported data breaches just in June of this year, 24 were attributed to employees and other insiders.

The good news is that very few of these breaches were as a result of dishonest insiders. But the bad news is that the majority of breaches were as a result of stupid mistakes, lack of awareness, or sheer carelessness by employees.

Like the professor who took his laptop on vacation to South Africa, where it was promptly stolen. Along with the names and social security numbers of 8,000 students - highly confidential information that should never go on vacation anywhere. 

So one big way you can all help to reduce the endless data breaches that have us all on edge is to make sure you're not the next one in the dock. Take a little more care in the workplace, don't get complacent about security, and treat everyone else's data as though it were your own personal Social Security number.

It wasn't expected to take long before hackers found vulnerabilities in iPhone but few expected it to happen within weeks of launch.

But researchers claim to have found a number of security flaws in iPhone that could leave it vulnerable to being remotely hijacked in the same way your personal computer can. So far the flaw seems to be able to allow a hacker to hijack an iPhone that visits a web site hosting malicious code.

Once the iPhone is infected the hacker can control it remotely and steal any data on the phone. 

The researchers are not giving away too much information yet, to allow Apple time to fix the flaw. But they have threatened that if Apple doesn't fix the problem in a few weeks, the researchers will reveal more details about the vulnerability at an upcoming conference.

Expect more of the same as hackers get their hands on iPhones and start tearing them down. As far as security is concerned the iPhone is likely to be a victim of its own success. The more people use one, and the more information they store on them, the more economically viable the iPhone becomes as a hacker target.