There’s a trojan horse being distributed via email that sends the user’s AOL password to a malicious person when they run the program. It gets the AOL password off of the user’s hard disk. AOL isn’t taking responsiblity, of course, but I’m forced to wonder why AOL passwords are stored unencrypted. Maybe they are encrypted and the story fails to make that clear. At least the trojan horse lets you know that it just stole your password, so you can change it.