2 Million Stolen Passwords: What Can You Do?

December 7, 2013

Was your password for Facebook, Google or your email just stolen? Would you know if it was?

The security firm Trustwave just found a file containing nearly 2 million stolen passwords for email accounts, social media sites and other services. The information was stolen by malicious software that gets onto your personal computer, records your keystrokes and sends the information back to the thieves.

With those passwords, identity thieves can enter your accounts and collect enough other personal information about you to take over your bank accounts, get new credit in your name, steal your tax refund and make your life miserable.

Here's what you should do right away to make yourself more secure: 

1. Change Passwords: Facebook and some other companies say they've already changed the passwords of people whose information was in that file. But many people use the same password for all of their accounts, meaning that a stolen Facebook password will also get someone into your bank accounts. So change the passwords on sites that contain your personal information, and use a different one for each account. Then make a habit of changing them again once every several months.

2. Use Better Passwords: The most popular password in the hackers' file was 123456, according to Trustwave, and a password that common is way too easy to guess. So pick safer passwords. (See How to Pick a Secure Password.)

3. Check and Protect Your Computer: The software that steals your keystrokes can enter your computer in many ways. You can insert a flash drive or DVD that contains it, download an infected program, or click on a "phishing" email that includes the bad software. Use an anti-virus program -- PC Magazine offers reviews of the best ones -- to protect your computer and check it regularly.

