What you are describing is hardly a new scam, but it doesn't hurt reminding people.

Ideally you should have different passwords for everything. This is unrealistic unless you write the passwords down which doesn't really eliminate the risk but really only moves it. 

Here's a practical way, using 3 password levels:

Level 1: Have a unique password for your e-mail account and for every website that knows your credit card details. Use a password that has nothing to do with you (i.e. people who know you can't guess it), and use numbers and capital letters.

Level 2: Have different passwords for the social networking platforms you use. If you can't remember them make them similar but vary them in a way that only you understand. For example use Ftry2guessthisB for Facebook and Ttry2guessthisR for twitter (not that the first and last letter of my password are the first and last of the platform but the rest is identical). Don't copy me, make up your own variant.  

Level 3: For everything that you only access 1-2 times in your life, use another password. 

Other things you want to do: check your computer regularly for spyware / keyloggers, don't log in on an unknown computer, and take care not to lose your laptop or phone. 

Your email is the key to your entire online life and for the most part is the place where forgotten passwords are sent.  With the password, to many sites you can access "My Profile", which can lead to far more info like your address, Date of birth, credit card details, friends, and occupation.

 I had a quick look through my online registrations and was surprised how many there are where i really need that password kept private because they hold my cash, credit card or investments, or can make financial commitments on my behalf: EBay, Paypal, iTunes, Amazon, Migros, LaPoste, Orange, ETrade, HMRC, plus at least 6 companies like banks, investment firms or gambling sites who hold some balance of my cash and where the relationship is 100% virtual-online, (like igindex).

Then there are many secondary sites that know alot about me, but don't hold my cash or credit card info. They hold things like my profile (private information), info  on, or access to my friends and clients.   Scammers could use the information in a bad way or could damage my reputation with friends.  These are sites  like MyYahoo, Facebook, Linked in, Glocals, Twitter, Myspace, MyGoogle, Flickr, Swiss.com, and so on.

This is a new scam? It's the oldest one in the book. It's been around since the interenet was around

By coincidence, I just received this SPAM email trying to steal email details:

From: [email protected]

Subject: Upgrade Your Account

Date: 16 March 2013 20:29:54 CET

Reply-To: [email protected]

IMPORTANT ALERT!!!

  Your mailbox has almost exceeded its storage limit of 1 GB, defined by your webmail domain administrator. As such, some of your outgoing e-mails will not be delivered to their intended recipients. You also stand the risk of having some incoming e-mails bounced back.

  We strongly advice that you re-validate your webmail account. This automatically provides more storage space and ensures the receipt and delivery of incoming and outgoing messages.


To re-validate your mailbox/webmail, Please follow the link below:

  http://webmail-updating.com


Thank you!

Webmail system administrator!

WARNING! Protect your privacy. Logout when you are done and completely exit your browser.

The most common scam taking place at this moment is probably the Microsoft tech support scam. It also happens in Switzerland; they tried it on my about a year ago (they called me on a land line). 

Details:http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx