The Indiana University School of Informatics and internet security software company Symantec have announced that they have identified a new online scam being used by internet thieves to trick broadband users into giving up their personal information and online banking passwords. It's called "Drive-By Pharming" and refers to an attack that involves your home router, an extra device that many people purchase and install to share their internet access across more than one home computer. Many people who purchase a wired or wireless router forget to turn the security settings on when going through the set-up software. Additionally, even among those who do activate the security settings, many are too lazy to change the default password used by the manufacturer.
If you are not one of those people, you need not worry about this new threat. If you are, then you had best pull out your router's manual and look into setting up a password for protection. Here's how the Drive-By Pharming technique works:
The location of every website on the internet is not the "www." URL we use. It is in fact a series of numbers like so: "199.246.67.51". Because no one in the world is going to tolerate having to type in a series of numbers every time they want to visit a different website, the Domain Name System (DNS) was invented, allowing each website's computer address to be assigned to an easy-to-remember name.
For example, you type "www.ctv.ca" into your web browser, your internet router checks the DNS service, and your browser is taken to the internet address "199.246.67.51".
This is similar to getting into a taxi in real life and saying "Take me to the CTV studios", and the driver looks up the address as "#9 Channel Nine Court". And, just as in real life the CTV Studios might be moved to a new street address, the same could be said of the CTV.ca website, which might one day be moved to a new server or internet service. If this happens, it won't have an effect on you: you can always type in "www.CTV.ca" and your router will automatically check to see what the most recent address is.
Drive-By Pharming tricks your router into thinking that your bank's website has moved to a new address, where thieves have set up an exact replica of your bank and are waiting for you to log in, giving them your login and password information.
They do this by creating a series of malicious websites that they trick you into visiting. You make the mistake of following a link in a confusing e-mail, clicking on a weird pop-up window, or any number of the usual tricks, and you suddenly find yourself looking at an odd but seemingly harmless website (the contents of which could be anything). Once you visit this malicious website, your browser is forced to secretly download a JavaScript program that immediately connects to your broadband router and checks for one of two things: Are the security settings turned on? Is the default password installed by the manufacturer still in use?
If the router is unprotected, the JavaScript accesses the router and tricks it into thinking that the internet addresses for a number of banking and financial websites (PayPal, eBay, the usual targets) have now changed, and the router will use the new, fake addresses from now on.
Once this change is in place, the next time you visit your online banking page, you will unwittingly be visiting an exact replica. The one main difference is that, after you log in, you will have unwittingly handed over the information the thieves need to access your account.
The term "Drive-By Pharming" is used by thieves to mean that victims are caught as they surf into the thieves' website trap; once the trap is sprung and the new router settings have been planted, the trap harvests the victims' personal information (harvest, farming, you get the idea). In hacker culture, words that begin with the letter "F" are written with "ph" instead (phishing, phreaking, etc.), so farming becomes pharming.
Fortunately, the solution to avoid this is easy: create a personal password to protect your router.
Instructions for Apple Airport 5.0
Instructions For D-Link Routers
Instructions For Linksys Routers
Instructions for Microsoft Base Stations
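Beyond setting a router password, a home user or administrator can check for the footprint the attack leaves behind: a resolver the router was never configured to use, or a sensitive site now resolving to an address that does not match what an independent resolver reports. The script below is an added example, not part of the original article or of Symantec's or Indiana University's work; the host names, addresses and resolver allow-list are constructed placeholders, and the resolv.conf lines are a constructed sample.

```python
import socket

# Constructed reference data for this example: addresses previously observed for
# sensitive hosts through an independent resolver (placeholders, not real services).
REFERENCE_ADDRESSES = {
    "bank.example": {"192.0.2.10"},
    "pay.example": {"192.0.2.20", "192.0.2.21"},
}
# Constructed allow-list of the resolvers the home router is expected to hand out.
ALLOWED_NAMESERVERS = {"192.0.2.1", "192.0.2.2"}


def resolve_system(host):
    """Resolve `host` through whatever resolver the router handed out via DHCP."""
    try:
        infos = socket.getaddrinfo(host, None, socket.AF_INET)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def find_mismatches(reference, resolver=resolve_system):
    """Return {host: observed_addresses} for hosts whose current answer shares
    no address with the reference set.  Hosts that fail to resolve are skipped:
    an outage is not evidence that the answer was redirected."""
    suspicious = {}
    for host, expected in reference.items():
        observed = resolver(host)
        if observed and not (observed & expected):
            suspicious[host] = sorted(observed)
    return suspicious


def unexpected_nameservers(resolv_conf_lines, allowed):
    """Parse resolv.conf-style lines and return nameservers not in `allowed`.
    A resolver you never configured is the footprint of changed router settings."""
    found = []
    for line in resolv_conf_lines:
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver" and parts[1] not in allowed:
            found.append(parts[1])
    return found


if __name__ == "__main__":
    # Constructed resolv.conf sample containing one resolver that was never configured.
    sample = ["nameserver 192.0.2.1", "nameserver 198.51.100.53", "search home"]
    print("unexpected resolvers:", unexpected_nameservers(sample, ALLOWED_NAMESERVERS))
    print("redirected hosts:", find_mismatches(REFERENCE_ADDRESSES))
```

Run it from the machine behind the router; any host listed under "redirected hosts" or any resolver under "unexpected resolvers" is a reason to inspect the router's DNS settings and change its password.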