How to Avoid a Browser Hijacking on Your Computer
by David Beaver
(County Bar Update, June/July 2005, Vol. 25, No. 6)


How to Avoid a Browser Hijacking on Your Computer


By David Beaver at the request of the Law Practice Management Section Executive Committee. Beaver is chief technology officer at All Covered, a nationwide information technology outsourcing partner for law firms. Serving hundreds of single- and multi-location firms across the country, All Covered helps clients achieve their business objectives by lowering the cost and maximizing the performance of their IT systems. He can be reached at (213) 327-0445. The opinions expressed are his own.


Some things online are mildly annoying—sign-in windows, for instance. Others are wildly frustrating—browser hijacking, for example. What is browser hijacking? If you don't know, then you haven't experienced it . . . yet. The term describes exactly what happens. Your browser goes where it wants to go automatically, taking you along for the ride. Ads pop up all over your screen. Your browser has a new home page. Your browser window defaults to a porn site.


Why and how did this happen? Most people know to avoid opening anonymous e-mail attachments. But did you know that you might trigger the transparent installation of a hijacker's code just by displaying an e-mail message in Outlook's "preview pane"? Or perhaps you downloaded a free utility, and there was malicious code hidden in it. Maybe you simply visited a popular Web site, and a pop-up window installed the hijacker without any interaction from you.


That's the scary part. Without you or the site's owners even knowing it, you can lose control of your browser to hijackers who force you to their Web sites, enabling them to charge higher advertising rates based on the increased, involuntary traffic.


Browser hijacking began years ago, but, like a virus, today's strains are harder to shake. In fact, in the past you could simply go to Internet Options and change your browser's settings back to the way they originally were. That's seldom the case today because hijack code is deviously clever and usually requires an expert to remove it. By following these steps, you may deter hijackers in the first place.


Update Windows and Internet Explorer regularly. The easiest thing to do is also the most effective: Make sure your computer runs the latest versions of Windows and Internet Explorer. Microsoft constantly writes patches and updates to improve the security of its products. Go to and install the latest versions.


If you run Windows XP or Windows 2000 and Service Pack 3, your system can be updated automatically. To enable this feature, right-click on My Computer, select Properties, click the Automatic Updates tab, and select the check box that says "Keep my computer up-to-date" as well as the option that notifies you before downloading and installing an update automatically.


Say "No" to downloads and installations. For such a sinister activity, many hijackers can be unfailingly polite: They ask for your permission before taking over your computer. So when it comes to unexpected downloads or pop-ups that ask whether you would like to install a program on your computer, follow this rule: When in doubt, don't.


Keep your system secure. Anti-virus and anti-spyware programs do a good job of scouring your computer for unwanted programs if you keep these utilities updated and run them regularly. Also, increase your Internet Security Options by going to Internet Options, clicking on Internet, and moving the slider to the top. This will keep Internet Explorer from running ActiveX instructions, which is how many browser hijackers take over your computer. Even though increasing security can help avoid a hijacking, it may also increase problems or decrease functionality on trustworthy sites. To avoid this, place frequently visited Web sites in the "Trusted Sites" zone.


Use a different browser. Hijackers target the most popular computers and browsers, such as Windows and Internet Explorer. Macintosh users rarely run into problems; PC users won't, either, if they switch from Internet Explorer to a browser such as Mozilla, Firefox, or Opera.


What if it's too late? It's never too late. If your browser has been hijacked and an anti-spyware or anti-virus product can't remove the offending program, then an expert can.

# # #