Is your router using the factory default credentials (username/password)? If it is it is important that you change them immediately. There is a new attack that focuses on your router. It will change the DNS on the router, and supply their own versions of pages that you think are trustworthy.
If you don’t know your router password, there is a good chance that you are vulnerable. If the router password is Admin or password or blank – you are at risk.
If you are lost by this post, and want me to check it out for you, drop me an email at email@example.com
Source: Krebs on Security