To carry out the attack all someone has to do is persuade a computer user to visit a website they have set up, potentially via an advert on Google or a link from a spam email.
The website contains a piece of computer code that hacks into the user’s router - unless they have changed their password - and changes the DNS server settings.
This means for example that the attacker now can direct requests for the user’s bank website to fake websites he or she has set up – potentially websites that precisely mirror the bank’s real site.
In Depth Information
Brief Outline