CLICK HERE TO SEE IF YOUR COMPUTER IS INFECTED WITH DNS CHANGER
DALLAS - In the shadowy world of cyberspace, the DNS Changer threat might not be widespread, but still can cut deep.
"They can do a lot of damage," said John Pozadzides, co-host of Geek Beat Live. "They can present you to a fake Bank of America where you log in, and once you log in, they've got your log in details and can immediately go and empty your bank account."
It's called click-hijacking.
Last November in Operation Ghost Click, the FBI arrested a half-dozen East Europeans for running DNS Changers, which rerouted unsuspecting PC users to a servers showing similar but fake websites.
Once there, operators of the malicious servers could intercept anything you would enter into it.
Pozadzides said the FBI could not just shut down those malicious servers or four million people around the world would have lost the Internet, including 500,000 in the United States.
So a court let the FBI clean up the servers to give infected users a chance to move off them.
"The FBI has been operating these fake DNS servers with good data in them, but now come Monday, they're shutting them off," Pozadzides added.
Dallas-based AT&T is giving its customers some extra time to make the fix. There aren't many of them, AT&T said, but it's mimicking what the FBI did and creating its own set of safe servers to keep its customers online until it can get all their computers repaired.
"AT&T will operate legitimate domain name system servers through year's end," said Alejandra Arango, AT&T spokeswoman. "This gives adequate time for [our customers] to remove it from their computers and avoid service interruption."
"On the infection level, it's fairly difficult to remove, however it's not very widespread because it's been around so long," said Jason Ottwell, Senior Security Engineer, M&S Technologies, Inc.
Some 64,000 computers in the U.S. still use those servers, and are likely to lose the Internet when the FBI shuts them down at 11:01 p.m. Central Time on Sunday night.