'Browser Hijacking' the Latest Threat for Windows Users

Windows users already have enough security risks to worry about, but here’s a new one — browser hijacking.

It takes tedious, time-consuming work to undo the damage, and most users only discover the ‘hijacking’ after it’s happened. Pop-up windows overlap everywhere, the Internet Explorer home page and Web services are switched to other sites and the list of favorite sites is replaced with porn, the Washington Post reported.

In some cases, all users did was click an "OK" button that they thought was changing home-page settings or adding a Web toolbar — not knowing the damage that would result. The problem is often caused by going online with an old copy of Windows, allowing a hijacker's site to take advantage of security flaws.

The Washington Post recommends a few strategies to stop the problem. Run an up-to-date antivirus utility and firewall program and regularly download Microsoft's critical updates (windowsupdate.microsoft.com). Two of the biggest security flaws behind browser hijacking can be fixed with a pair of downloads. A third can be remedied by installing a better browser.

First, stop pop-ups by going to toolbar.google.com through Internet Explorer 5.5 or newer, or install another browser. Step two is to update the Java software on your machine. Its developer, Sun Microsystems, designed it with tight limits on what a Web-based application can and can't do. But these limits must be enforced by a "virtual machine" program that runs on your own computer, and the one Microsoft developed contained vulnerabilities that hijackers abuse. The better option is to download and install Sun's own, free Java virtual machine (www.java.com).

Step three is to eliminate ActiveX, which allows Web interactivity, but it relies on users to give the right answer when Internet Explorer asks, "Do you trust this publisher?" Click "yes" and the ActiveX program can do whatever it wants. Use an ActiveX-free browser for everyday Web use. A good Internet Explorer replacement is a free copy of Mozilla (www.mozilla.org).

If your computer has already been infected, your antivirus program should clean it out. But you may need specialized hijack-removal software, such as Hijack This! or CWShredder (both at http://www.spywareinfo.com/~merijn/downloads.html

You may like these other stories...

It's not a reality—yet—but accounting software is poised to eliminate accountants. We are at a tipping point for many similar professions: online education replacing professors, legal software replacing...
Whenever I speak to accountants about creating a cloud practice, the most common question is, “How do I charge my clients?” Ten years ago, maybe even five years ago, if I would’ve posed this question...
While reputational risk is the No. 1 nonfinancial concern among corporate directors, cybersecurity/IT risk is gaining steam. In fact, both private companies and organizations with more than $1 billion in revenue felt they...

Upcoming CPE Webinars

Jul 31
In this session Excel expert David Ringstrom helps beginners get up to speed in Microsoft Excel. However, even experienced Excel users will learn some new tricks, particularly when David discusses under-utilized aspects of Excel.
Aug 5
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.
Aug 20
In this session we'll review best practices for how to generate interest in your firm’s services.
Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.