Whenever you type an address into an Internet browser, that address is resolved into the site’s numerical Internet address by a Domain Name System server (DNS server) somewhere in the world. Criminals have started to remotely change the DNS server setting on home network routers. Once that setting is changed, whenever you type in the address of a financial institution or other trusted site, your browser will instead be redirected to a bogus or phishing Web site.
The practice, called pharming, usually attacks the DNS servers directly. The latest attacks, however, are targeting the home broadband user. So far, the latest attack is limited to Mexico, but the possibility exists for similar attacks elsewhere.
According to a blog post by Zulfikar Ramzan, a researcher at Symantec: "the attackers embedded the malicious code inside an e-mail that claimed it had an e-card waiting for you at the Web site gusanito.com. Unfortunately the e-mail also contained an HTML IMG tag that resulted in an HTTP GET request being made to a router (the make of which is a popular router model in Mexico). The GET request modified the router’s DNS settings so that the URL for a popular Mexico-based banking site (as well as other related domains) would be mapped to an attacker’s Web site."
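The quoted e-mail worked because an IMG tag is fetched automatically, so a tag whose address is on the local network reaches the router from inside. The following added example (not from the original article or from Symantec) shows how a mail filter could flag such tags; the function names, the sample message, and the router path and parameter in it are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Tags (and their URL attribute) that a mail client or browser loads automatically.
AUTO_FETCH = {"img": "src", "iframe": "src", "script": "src", "link": "href"}


def points_to_local_network(url):
    """True if the URL's host is a literal private, loopback or link-local IP."""
    try:
        host = urlsplit(url).hostname
        ip = ipaddress.ip_address(host or "")
    except ValueError:
        return False  # malformed URL, or a hostname rather than an IP literal
    return ip.is_private or ip.is_loopback or ip.is_link_local


class LocalFetchFinder(HTMLParser):
    """Collects auto-loaded URLs that point at local-network addresses."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        wanted = AUTO_FETCH.get(tag)
        for name, value in attrs:
            if name == wanted and value and points_to_local_network(value.strip()):
                self.findings.append((tag, value.strip()))


def find_local_fetches(html):
    finder = LocalFetchFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample message body; the router path and parameter are made up.
SAMPLE_EMAIL = """
<p>You have an e-card waiting for you!</p>
<img src="http://cards.example/banner.png">
<img src="http://192.168.1.1/hypothetical_apply?dns_server=203.0.113.5" width="1">
"""

if __name__ == "__main__":
    for tag, url in find_local_fetches(SAMPLE_EMAIL):
        print(f"suspicious <{tag}> fetch to local address: {url}")
```

The check only covers literal IP addresses; a router reached through a hostname would need a resolver lookup that this example leaves out.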
The best way to avoid becoming a victim is to change your network router’s default password. Default router passwords are not a secret and are available on the Internet. If you have never changed your network router’s password, do it now. You should first turn your router off and back on, in case it has already been compromised.
Once again, this points out the need for secure passwords, not only on your router, which is the focus of this article, but also on your desktop, server, and any other password-protected network devices. Never leave any computer or other network device at its default password, and never leave them with no password at all.
Also, make sure that your password is difficult to guess. Never use a word that is found in the dictionary, as "dictionary attacks" are very common. Using a combination of letters, numbers, and special characters is the best practice. For example, "password" could be changed to "pa$$w0rd", with the "s" characters replaced by dollar signs and the "o" character replaced by the zero character. Even better would be "pA$$!w0rD", with the "!" added and a mixture of uppercase and lowercase letters. (Note: This is only an example, and would in reality not be the best choice for a password.)
Secure, difficult-to-guess passwords are the first line of defense against many types of attacks.