The internet is ripe with scams, malware and phishing attempts. A common method for hackers to obtain your important usernames/passwords is to set up a site which looks *very* similar to your financial institution’s or webmail login. If you don’t notice the address is slightly different than the actual site (i.e. www.citibank.com vs. www.citiibank.com), you may be fooled into providing your credentials at a fake site. The scammers then use the credentials you entered to log in to the real site and drain your bank account, read your personal email, etc.

To help prevent these types of scams, I recommend a free service from a company called Quad9, as a filter for malware and fraudulent sites. A bit of background first, but if you’re already convinced you can skip to the Setup Guide.

When your computer wants to connect to anything on the internet (a web server, send/receive email, update your calendar, etc.), it first needs to do a “Domain Name Service” (DNS) lookup. The internet works on numerical “IP Addresses,” which look something like 69.27.37.10. But numbers are hard for us humans to remember, so we use named entities instead. Rather than having to remember the numerical IP address for Google’s search page, we just enter www.google.com and the computer does a DNS lookup to find the IP address for that particular server. Think of DNS as the “directory information” or “411” of the internet. Here’s a short video describing how DNS works: https://www.youtube.com/watch?v=kURzoJ0Qj9o

By default, most computer users’ DNS lookups are handled by the DNS server at their ISP. This generally works fine, except:

1. The DNS server at your ISP will resolve any domain name your computer asks for. Therefore, if you enter www.infectmycomputerwithmalware.com, the ISP’s name server will diligently do the lookup and point your computer to the IP address of the server which serves that website. There is no filtering or anything to protect your computer from visiting some of the dark and crusty locations on the internet, which may be ripe with malware, viruses and other bad stuff.

2. Most ISPs look at the sites you visit (not the actual pages, but the internet addresses), based on your DNS queries. So if you visit www.iwantanewmazzerati.com, expect to see some advertising for new sports cars soon. This data is then sold to advertisers and used for who-knows-what marketing and other purposes.

I use and am a big fan of Quad9. Quad9 works in tandem with IBM’s security databases and financial companies who keep lists of known-bad-news and look-alike domains. The Quad9 DNS servers will not allow your computer to resolve the name of a known-malicious or look-alike domain to an IP address which your computer would then connect with. So even if you enter www.bankofamerrica.com (note the misspelling with a second “r”), your browser won’t be directed to a fraudulent site asking for your login/password or whatever malicious content is served at that site. In addition, Quad9 doesn’t collect, track or sell any of your DNS searches.

Using Quad9 is particularly helpful in preventing email scams which may point your computer to a website which looks exactly like that of a site you use regularly.

The setup of Quad9 takes literally 2 minutes to enter 9.9.9.9 in your DNS server settings in System Preferences > Network > Advanced.

Setup Guide: https://www.youtube.com/embed/NM4AdfEnAmY?autoplay=1

I can’t recommend this simple step strongly enough. Let me know if you have questions or need a hand. Feel free to share this with those who may benefit.

Kirk out

P.S. I also urge you to enable two-factor authentication at any site where it is offered, particularly for financial institutions.