If you use popular social networking sites such as Facebook and Twitter, or have Google or Yahoo accounts, you may want to closely monitor your personal information.

According to researchers at IT security firm Trustwave, nearly two million passwords have been stolen via malware attacks and posted online. Compromised data include login credentials for Facebook, Twitter, LinkedIn, Yahoo and Google.

"Unfortunately, there's no way to completely protect yourself against breaches that happen in this way," said Scott Mitic, Senior Vice President of Equifax Personal Solutions. "Having anti-virus and anti-spyware on your computer can be helpful, but they're far from 100 percent effective."

Even the most vigilant Internet user can fall victim to a malware attack. In the case of the compromised data discovered by Trustwave researchers, it's believed that a large botnet--a network of computers infected with malware--harvested the passwords from computers without users' knowledge.

Malware like this can infect computers in a number of ways. Users may click on a link, download a file or click on a suspicious website that infects their computer with malware. Once the malware is installed, it can see whatever is typed on the computer, including passwords to social networking and online banking accounts.

"With the proliferation of attacks like these, it's more important than ever for consumers to take steps to help protect their identity and monitor their credit," Mitic said. "If you become a victim of identity theft due to a data breach or malware attack, it could be costly and time-consuming to clean up your credit."

In 2012 alone, $4.9 billion was stolen from consumer banking accounts through malware takeovers, according to a 2013 report by Javelin Strategy & Research.

WSJ