It's always been risky for anyone to click on sketchy Internet links or make digital passwords easy to guess. For some users, the stakes are even higher. For example, you may be the chief financial officer of Twitter Inc., and you may accidentally send spam to the world via your company's own site.
That actually happened on Tuesday when Twitter's chief financial officer Anthony Noto's account was hacked.
Embarrassing as that was, he's not alone. The same day, Newsweek magazine's Twitter feed was also breached, and accounts from the New York Post to Burger King have been targetted in the past.
But here are four things you can do to protect your Twitter account:
1. Set up your account so that every time you log in, the site sends a code to your mobile phone.
That way, you can only get through if you have your phone to retrieve the code. (Don't lose it in a cab.) This is called two-step verification. It's one of the best ways to safeguard your account, if you don't mind waiting a couple of extra seconds for the code. Twitter added this as an option in 2013 and recommends using it, though it's not required.
2. Choose a strong password, and not the same one you use on other websites. Update it regularly.
Strong means at least 10 characters, Twitter advises, with capital and lowercase letters as well as numbers. Don't use your dog's name or your birthday. Set it up so that whenever you change it, Twitter will ask you to answer personal questions to make sure it's a genuine request. You can update your password in your account's settings.
3. Beware of links from someone you haven't spoken with in years
If you get such a link that says this is really interesting or got them a great deal, there's a good chance that person's account has been compromised.
It could be from a spammer, so don't click on it - doing so might end up sending all your acquaintances similar links.
4. Stay away from suspicious third-party apps
The ones that ask for your Twitter user name and password in order to give you access. They could be collecting and selling the information. Same goes for Facebook Inc. and e-mail logins. Don't give that information to any company you don't trust.
Even if you do all these things, there are still ways for the most determined hackers and spammers to get in. But at least you'll know you did everything you could.