The BBC has a story up about home network security and the multifarious evils that happen to those who leave default passwords unchanged. The current clever trick is to log in and mess with the DNS so the user ends up being redirected to malware sites. For example, bad guys would no longer have to send you to http://xxx.xxx.xxx.xxx/paypal and hope you don't notice the URL is a random IP address, but could have your DNS set so that paypal.com itself goes to their site instead of PayPal's.
If you have a home network and haven't done so, it can't hurt to check in at (or whatever your router's address is) and change your administrator password.
.png){kind=logo}
