There were two news stories recently that seemed to coincide. In the first, Cisco issued an annual security report which said the two current targets of the Internet criminal underground are banks and social networks. Banks because, well, we all know what they keep there. Social networks are targets because that’s where weakly protected password databases are kept and the passwords they contain probably are used on a lot of other sites as well.

“Criminals have been taking note of the large crowds in social-networking sites,” a Cisco researcher said.

The Koobface worm, which targets Facebook, has infected more than three million machines since 2008. It steals networking credentials, logs in to the sites and sends messages to friends to lure them to malicious Web sites that download more copies of the worm.

The second story, in PC World, detailed a significant change in access control that Facebook has rolled out. The 350 million Facebook users now have more control over who can see their information. These changes actually have been in a beta stage since last spring. In addition to “everyone” (the default setting) they can limit their information to “friends,” “friends of friends” and now fine tune the process with a “customize” options which can limit access to one person for a post, picture or other item.

There will be a new icon of a lock next to the “share” button that users hit to send their updates to their friends. Clicking on that enables users to select the security level for their posts. Facebook users might avoid sharing with “everyone” since that makes their pages available to anyone on the Internet, including non-Facebook users. Sharing with “everyone” also makes the material available to search engines.

They also can lock down their profile settings by clicking on “settings” (top of page, right) then “privacy settings” in the drop-down menu.