Home network security
Many home network users leave the default passwords unchanged on their network are at risk from attacks. According to the BBC, research showed that around 50% of users leave the default password unchanged.
The home networks which are attacked get redirected to a bogus webpage; this is done by re-writing the address book within the hardware of the network which points victims to the scam sites. These bogus websites use the default passwords and JavaScript technology that is enabled on 95% of computers which changes a router’s Domain Name System (DNS) settings. The DNS servers could redirect users to counterfeit banking, email, or government websites which collects personal details like account numbers, usernames and passwords or even install malicious software. This attack is called “Phish Pharming”. This can be avoided by changing the administrative password as research shows that around half of router owners never change the default password.
Reference:
BBC NEWS, Home network security scrutinised - http://news.bbc.co.uk/2/hi/technology/6367691.stm [online][cited 29/01/08]