If you still haven't changed your passwords to websites affected by the Heartbleed bug, then beware, hackers may be targeting you.
Read More Bits: Heartbleed Internet Security Flaw Used In Attack
"Hackers are looking for those who haven't yet changed their passwords and for services who did not install a patch quick enough," said Christopher Hadnagy, chief human hacker at the security consulting company Social Engineer.
It's been almost a month since the Heartbleed vulnerability was revealed, yet according to a recent report by the Pew Research Center, only 39 percent of Internet users who knew about the bug changed their passwords or canceled their accounts.
"People just aren't changing their passwords and they are using the same password over and over again, and they are completely oblivious to how dangerous this is," said Robert Siciliano, a McAfee online security expert.