gmtoday_small.gif

 


Tech Q&A: How to avoid browser hijacking

June 25, 2018 


Q: I read that I could get better protection against hackers by switching to an independent internet connection service, such as Google Public DNS, Cloudflare or Quad9. What do you think?

ó Bob Lommel, Minnetonka, Minn.

A: There are some security benefits, but they fall short of whatís needed.

The hacking you refer to (called DNS hijacking) redirects your web browser to a malicious website. The companies you mention offer some protection against that type of hacking when itís directed at internet servers, but no protection if itís aimed at your home computer or router. Unfortunately, home attacks are the biggest threat.

Your personal security is at stake. Hackers would like to redirect your browser to a malicious website that looks just like the one you are trying to reach. There they can show you advertising, steal your personal information or download malicious software to your computer.

This redirection is accomplished by DNS hijacking, which tampers with the Domain Name System, the internet equivalent of a phone directory. This directory comes into play whenever you type a name such as Amazon.com, Google.com or Yahoo.com into your browser. The directory matches a name to the string of numbers that is the websiteís real address, then connects you with that site. If that directory is hacked, your browser might not be taken to Amazon, Google or Yahoo, but to malicious imitation websites.

But hereís the key part. This DNS directory exists on virtually every computer between you and the website you want to reach ó yours, your router and many internet servers. If a hacker can tamper with the directory anywhere in that chain, your browser can be redirected.

The companies you mention are called DNS providers, and they offer an alternative pathway to the internet that takes the place of one your internet service provider operates. They claim (and this is impossible to verify) that by using their network, you will be more protected from DNS hijacking on the internet.

But protection from DNS hijacking on the internet wonít protect you from attacks on your home computer or router. Those attacks misdirect your browser before the data even leaves your home.

Your best home defense is to have good antivirus software installed on your computer, and to protect your router by changing the password that was put on it at the factory ó hackers know all the factory passwords. (To learn more, see tinyurl.com/y8o2spcg).

Q: I have two Gmail accounts that I access through Microsoft Outlook on my PC. But Outlook can no longer retrieve e-mail from one of the accounts. I keep getting a password request, but I havenít been able to log in. Iíve changed passwords, set up Outlook again and switched the e-mail settings back and forth (I sent you details.) But nothing works. Whatís wrong?

ó Mark Hebert, Minneapolis

A: Your e-mail settings are correct, so the likely cause is a corrupted Outlook profile (the part of Outlook that retains your passwords.) To fix it, create a new profile (see tinyurl.com/l39lr95). Alternatively, you could log in to your Gmail accounts through your web browser.

 

 


McClatchy-Tribune Information Services