A recent article by Symantec warns of a pharming attack (redirecting your web traffic to another, fake website) that went from the "theoretical" to the "It’s being done now" category. If you have a home network set up with your own router, you should pay close attention to this. The goal of redirecting your traffic is to let attackers capture your username, password and account information for sensitive accounts (e.g. banks, PayPal, credit cards). The attack exploits security flaws in some routers, or a lack of proper security measures in others, to change your router settings. The change can be triggered either by an HTML-based email or by visiting a compromised website.
Most people don’t change the default password on their routers. I know that by default Linksys routers have no username and a default password of Admin. One of the easiest ways to beef up security and prevent this sort of attack is to change these default settings: assign or change the username, and change the password.
- Username: don’t use the same name you log into the computer with; use something unique.
- Password: never use a simple-to-guess word, like one you would find in a dictionary. Mix letters, numbers and symbols.
The greater the variety, the harder it is to crack. There is a specific model of router that doesn’t require any username or password to change the router settings, but I haven’t been able to determine that information yet. This would be a huge security risk, so if I find out what it is I’ll pass it along. There are some really good general security suggestions in the Symantec article, and it is well worth reading.