We recently posted a blog on the topic of identity theft and social media accounts are fast becoming a lucrative target for hackers, especially for spreading malicious software capable of stealing your personal information. To some, losing control over their Facebook or Twitter accounts could be just as devastating as having their credit card stolen. To make matters worse, for many users, having one login account stolen means hackers have access to their other accounts as well.

A piece of malware called Ramnit reportedly stole the usernames and passwords of over 45,000 Facebook users. It infects Windows applications and HTML files. A bulletin by security researchers at Seculert has been issued with the details of the malware. According to the bulletin, "Attackers behind Ramnit are using the stolen credentials to log-in victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further." The worm is capable of stealing other information as well, and has infected an estimated 800,000 machines since September. The majority of cases are from France and the United Kingdom.

Security is very important, and even if you are the type who wouldn't miss your Facebook account, the report adds, "In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks." Keeping secure passwords and not re-using passwords across multiple networks is extremely important. BrightWire Networks suggests either coming up with your own password system for remembering multiple passwords across all of your accounts, or by using a secure password management system.

If hackers can get your credentials for Facebook, and you use the same credentials for your bank account, you may as well be leaving your keys, credit card, and wallet under the welcome mat for crooks. Employers will also want to educate their employees to prevent them from using the same passwords on company networks and accounts.