An email-based attack spotted in Brazil recently employed an unusual but potent technique to spy on a victim’s Web traffic. The technique exploited security flaws in home routers to gain access to the administrator console. Once there, the hackers changed the routers’ DNS settings, a type of attack known as pharming. Pharming is tricky to pull off because it requires access to an ISP’s or an organization’s DNS servers, which translate domain names into IP addresses of websites. A successful pharming attack means users can be diverted to a fraudulent website even when they enter a correct domain name.”]

