Malware & DNS Servers

Posted:  May 14th, 2018

 

It's always important to be running an antivirus program. One reason is that malware can attack your computer in a way that changes the DNS server settings, which is definitely something you don't want to happen.

 

Say as an example that your computer is using Google's DNS servers 8.8.8.8 and 8.8.4.4. Under these DNS servers, accessing your bank website with your bank's URL would load the correct website and let you login to your account.

 

However, if the malware changed your DNS server settings (which can happen behind the scenes without your knowledge), entering the same URL might take you to a completely different website, or more importantly, to a website that looks like your bank website but really isn't. This fake bank site might look exactly like the real one but instead of letting you log in to your account, it might just record your username and password, giving the scammers all the information they need to access your bank account.

 

Usually, however, malware that hijacks your DNS servers generally just redirects popular websites to ones that are full of advertisements or fake virus websites that make you think you have to buy a program to clean an infected computer.

 

There are two things you should do to avoid becoming a victim in this way. The first is to install an antivirus program so that malicious programs are caught before they can do any damage. The second is to be aware of how a website looks. If it's slightly off of what it usually looks like or you're getting an "invalid certificate" message in your browser, it might be a sign that you're on an imitation website.

 

 

Article sourced from Lifewire.com.

https://www.lifewire.com/what-is-a-dns-server-2625854