Moreover, using PreparedStatement may improve performance because target DBMS may cache native translation of the statement and reuse it, instead of re-translating each time. Of course the details are very specific for every DBMS.
I guess I've been abducted by space aliens. So unprofessional. They tried to probe me with this tiny ad: