'Browser Hijacking' the Latest Threat for Windows Users

Windows users already have enough security risks to worry about, but here’s a new one — browser hijacking.

It takes tedious, time-consuming work to undo the damage, and most users only discover the ‘hijacking’ after it’s happened. Pop-up windows overlap everywhere, the Internet Explorer home page and Web services are switched to other sites and the list of favorite sites is replaced with porn, the Washington Post reported.

In some cases, all users did was click an "OK" button that they thought was changing home-page settings or adding a Web toolbar — not knowing the damage that would result. The problem is often caused by going online with an old copy of Windows, allowing a hijacker's site to take advantage of security flaws.

The Washington Post recommends a few strategies to stop the problem. Run an up-to-date antivirus utility and firewall program and regularly download Microsoft's critical updates (windowsupdate.microsoft.com). Two of the biggest security flaws behind browser hijacking can be fixed with a pair of downloads. A third can be remedied by installing a better browser.

First, stop pop-ups by going to toolbar.google.com through Internet Explorer 5.5 or newer, or install another browser. Step two is to update the Java software on your machine. Its developer, Sun Microsystems, designed it with tight limits on what a Web-based application can and can't do. But these limits must be enforced by a "virtual machine" program that runs on your own computer, and the one Microsoft developed contained vulnerabilities that hijackers abuse. The better option is to download and install Sun's own, free Java virtual machine (www.java.com).

Step three is to eliminate ActiveX, which allows Web interactivity, but it relies on users to give the right answer when Internet Explorer asks, "Do you trust this publisher?" Click "yes" and the ActiveX program can do whatever it wants. Use an ActiveX-free browser for everyday Web use. A good Internet Explorer replacement is a free copy of Mozilla (www.mozilla.org).

If your computer has already been infected, your antivirus program should clean it out. But you may need specialized hijack-removal software, such as Hijack This! or CWShredder (both at http://www.spywareinfo.com/~merijn/downloads.html

You may like these other stories...

Accountants who specialize in forensic and valuation services point to electronic data analysis, or big data, as the most pressing issue they’ll face in the coming months, according to results of a new survey released...
As complex as federal tax can get, at least you're only dealing with one agency: the IRS. But when you get into state and local sales tax, you're coordinating hundreds of jurisdictions that are constantly changing....
All that was needed on Tuesday was a voice vote for the House of Representatives to pass a bill that would prevent state and local governments from taxing access to the Internet.Now the ball is in the Senate’s court....

Upcoming CPE Webinars

Jul 24
In this presentation Excel expert David Ringstrom, CPA revisits the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both boost the integrity of your spreadsheets, but reduce maintenance as well.
Jul 31
In this session Excel expert David Ringstrom helps beginners get up to speed in Microsoft Excel. However, even experienced Excel users will learn some new tricks, particularly when David discusses under-utilized aspects of Excel.
Aug 5
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.