Invasion of the Browser Snatchers And other tales of computer mischief

By Wassim Nassif

As translators, we have come to rely on our computers as our main tool for doing business. We cannot imagine being without it, and indeed, our business would surely suffer if we were. This is why, for those of us who depend on a Windows-based machine connected to the Internet, we must take constant precautions to protect this important, revenue-generating resource against the increasing—and increasingly virulent—threats against it.

Foremost among our modern-day computer “malware” is browser hijacking. Browser hijacking refers to malicious websites and software that forcibly access and alter your computer’s settings—settings that control default start and search pages, security levels, and other aspects of how the browser looks and feels. Internet shortcuts, for example, may be added to your Favorites folder without your permission or knowledge. Why? To force you to visit a certain website, artificially inflating that site’s traffic statistics, in order to command higher rates from advertisers.

While such actions may not affect you directly (other than perhaps wasting your time), and while these system changes could be and are easily reversible (under Internet Options > Tools menu), the danger goes far deeper: sometimes there is even a combination of registry settings and files clandestinely placed on your hard drive that recalibrates the settings every time you reboot the computer. There have even been cases where the Internet Options have been disabled or even removed from the menu to prevent you from controlling your own computer!

Even AOL has become a browser hijacker of sorts, by placing its website in Internet Explorer (IE)’s trusted sites security zone, with the intent to bypass the most-used security settings. This occurs after installing AOL software, AOL Instant Messenger, and the Netscape 6.x web browser. AOL then exploits this feature and downloads ActiveX components to your computer’s hard drive without your consent or knowledge. ICQ2001b and CWS Trojan have also reportedly done this.

Avoiding the problem

In light of the perniciousness of these activities, preventing hijacking in the first place is actually surprisingly easy. (Although it should be noted that no situation is always foolproof). First, for those who can, use a more secure browser than Internet Explorer, such as Mozilla, Firefox, or Opera. These browsers are more secure for two reasons: first, because they are less of a target for hackers than IE, whose popularity accounts for approximately 95% of users worldwide.

Second, Opera’s and Mozilla’s programmers take security very seriously and have made these browsers extremely secure, from a program standpoint. It is not possible to install software from compromised or predatory websites without at least a hint or a prompt of some sort asking your permission. As long as you exercise enough vigilance and common sense not to approve a software installation that you did not request or that simply appears out of nowhere, there will be no problem.

For some, and indeed perhaps for many—such as those who work in a company that has IE as its standard browser by contract with Microsoft—switching browsers may not be an option. However, even if you are tied to IE, you can still make it safer without disabling every useful function, by using some third-party software.

The most important thing, and this can not be overstated, is to keep your browser and operating system updated and to check for new releases frequently. From the time the software was manufactured to the time you purchased it, 50 or more threats may have accumulated. This is why you should, as a matter of routine, install software and then go online and update it immediately after the installation is complete. These days, threats are being introduced on a daily, if not hourly, basis.

Additionally, you should frequently log into the WindowsUpdates website and search for and install new patches, service packs, or sometimes even new versions of IE and Windows. As malicious programmers exploit Windows and IE, Microsoft programmers are “informed” of these security holes and produce patches to close them. This single action will save you from the overwhelming majority of browser hijackers and other threats as well.

Other software and email

By far the most common source of malware infection comes from third-party software that is bundled with other packages. Grokster, for example, a P2P (peer-to-peer) file sharing application, will install a dozen or more unwanted programs. Unfortunately, it is a very simple and cost effective matter for a noxious programmer to put his ominous programs on a site where millions of people go to download programs. If you want to kill a village, you poison the well.

What about email? This is an entire topic in itself, but there are a few simple things you can do. First, follow the advice we should all know now by heart: do not open any unexpected email that has an attachment, even though it might be coming from a friend or family member. Second, disable the preview pane in your email program. Simply by highlighting an email while the preview pane is active, even to delete it, risks activating any scripting in that email message.

Whether it involves a browser, third-party software, or email, remember: if you allow someone else to run a program on your computer, it is not your computer any more. Taking the proper precautions in advance can make all the difference in the world.

Happy and safe computing.