Internet and online security professionals deal with hacking and cracking activity on a daily basis. With new technologies emerging every day, new security challenges arise and new vulnerabilities appear that allow black hat hackers to create and execute new scripts that can cause serious problems for entire networks. Our mission is to let you know about the latest scams and to warn you about new exploits that can have a severe impact on your online business.
29th November 2009

RoboForm: Are You Sure Your Passwords are Not Stolen?

Let me ask you a simple question. How many sites are you a member of, and how many different usernames and passwords do you have?

The average internet user has hundreds if not thousands of different logins. Since trying to remember all those passwords is impossible, such users just write them down in an ordinary Notepad or Word file and save them on their computer as-is, without any protection whatsoever.

Maybe you’re one of those users. If so, you need to secure this information ASAP. Otherwise, if your computer is hacked, all your passwords will be readily available to the perpetrator.

Believe me, computer hacking occurs much more often than you think. You probably think it happens to somebody else, but it will never happen to you, right?

Well, let’s see… You’re reading this post, so you’re obviously connected to the Internet. Can you honestly tell me that you know the exact permissions and protocols required by each program installed on your computer? Are you sure that you know the number of processes required by each program, the corresponding PIDs and the port numbers each program uses for both incoming and outgoing connections, as well as the IP range?

Do you also know how to identify stealth connections? And, to begin with, how to verify the authenticity of the application/program that you want to install?

If you don’t know the answers to all these questions, then you can’t be sure whether your computer is safe or has already been hacked and is operated by someone else.

I don’t want to scare you. I’m just telling you the facts.

So, if you currently keep all your passwords on your computer, I highly recommend that you go right now and purchase RoboForm.

Without going too much into technical details, this password-protection tool stores and encrypts your usernames and passwords for numerous sites, and when you need to log in, you just enter one master password. It also fills in long registration and checkout forms for you with one click.

And since RoboForm is running a Black Friday Special, right now you can get a discount off the first license.

Quite frankly, not long ago I was against the tools that store your passwords. Yet, now I recommend RoboForm. Why the change of heart?

The answer is simple: there are many password-management tools out there, but they either lack strong encryption, or they store the data locally on the computer.

If you think about it, if you have such a tool on your computer, and your computer is hacked, then the hacker can transfer the encrypted database and then crack the encryption by simultaneously running the decryption algorithms on thousands of slave computers and servers he hacked earlier.

Is it possible to crack strong encryption on one machine? It’s probably not feasible, since it could take years. But if he controls thousands of PCs and servers, then this task becomes doable.

So, to make remote cracking impossible, RoboForm now offers the option to run it from a USB flash drive, and this means that passwords are not stored on a computer, and hence can’t be accessed remotely.

Combine this with the fact that RoboForm uses strong encryption and can sync your passwords to Pocket PC and Palm, and you’ll see why I think it has become a viable option for password management.


posted in Computer Security, Online Business Security, Recommended Security Resources | 0 Comments

11th November 2009

Twitter Hacking Goes to the Next Level…

During this year we’ve seen many phishing scams that were pretty simple. In essence, Twitter users were asked to go to a certain URL (usually to watch some funny video or download a digital “gift”), and on that page they saw something similar to the Twitter login screen. So they assumed they had to log in to “Twitter” in order to watch the video.

Of course, this “Twitter login page” was nothing more than a page mirroring the actual Twitter login page, and its whole purpose was to gather the usernames and passwords provided by unsuspecting Twitter users…

The perpetrators then used those accounts to tweet the same URL (and other malicious links containing trojans and viruses) to other Twitter users.

Now hackers have changed their tactics. Sure, the “Twitter mirror” is very “productive”, so it’s not going anywhere; hackers will continue to use it. But instead of sending tweets from the compromised accounts, they now send direct messages.

If you think about it, it’s much more effective for hackers, and much more dangerous for the average Twitter user.

If a Twitter user sees a few unfamiliar messages posted on her/his account, s/he will quickly realize that the account is compromised and will change the password. Then the game is over.

With direct messages, on the other hand, it’s quite another story. How many people actually check their outgoing DMs within their Twitter account? Exactly. Only a few. People look at the incoming DMs, because those are the messages from their friends. But they probably haven’t looked at their outgoing DMs even once since they set up an automatic welcome message.

So the chances that an average Twitter user will notice abnormal DM activity in their account are minimal…

If you’re reading this post, and you’re an avid Twitter user, please go and check your DMs right now. And if you see suspicious activity, change your Twitter username/password ASAP.
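The outgoing-DM check described above can be automated. The following is an added example, not part of the original post: it scans a list of sent DMs for the same link going to several recipients within a short window, which separates a compromised-account burst from an automatic welcome message that trickles out over days. The record layout, the sample messages and the names `normalize` and `find_dm_bursts` are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample of one account's sent DMs: (timestamp, recipient, text).
SENT_DMS = [
    ("2009-11-02 09:15:00", "alice", "Thanks for following! My blog: http://blog.example.org/"),
    ("2009-11-09 03:12:05", "bob", "lol is this you in this video? http://vid.example.net/w?id=1"),
    ("2009-11-09 03:12:07", "carol", "LOL is this you?? http://vid.example.net/w?id=1"),
    ("2009-11-09 03:12:09", "dave", "is this you in this video? http://VID.example.net/w?id=1."),
    ("2009-11-09 03:12:11", "erin", "is this you? http://vid.example.net/w?id=1"),
    ("2009-11-10 18:40:00", "alice", "Lunch tomorrow?"),
    ("2009-11-11 08:00:00", "frank", "Thanks for following! My blog: http://blog.example.org/"),
]


def normalize(url):
    """Reduce a URL to host/path?query so trivial variations compare equal."""
    parts = urlsplit(url.rstrip(".,;:!?)"))  # drop sentence punctuation
    host = parts.hostname or ""              # .hostname is already lower-cased
    key = host + parts.path
    return key + "?" + parts.query if parts.query else key


def find_dm_bursts(dms, window=timedelta(minutes=10), min_recipients=3):
    """Return {url: recipients} for links sent to many people in one window."""
    by_url = defaultdict(list)
    for ts, recipient, text in dms:
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        for url in {normalize(u) for u in URL_RE.findall(text)}:
            by_url[url].append((when, recipient))

    bursts = {}
    for url, sends in by_url.items():
        sends.sort()
        for i, (start, _) in enumerate(sends):
            # Distinct recipients reached within `window` of this send.
            hit = {r for t, r in sends[i:] if t - start <= window}
            if len(hit) >= min_recipients and len(hit) > len(bursts.get(url, ())):
                bursts[url] = sorted(hit)
    return bursts


if __name__ == "__main__":
    for url, recipients in find_dm_bursts(SENT_DMS).items():
        print(f"suspicious: {url} sent to {len(recipients)} recipients: {recipients}")
```

The welcome-message link in the sample is not flagged because its two sends are nine days apart; only the link that reached four recipients in six seconds is reported.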


posted in Identity Theft, Main, Online Business Security, Online Privacy | 0 Comments