Surf Safely: How to Avoid Internet Minefields

By Leon, James F. | Journal of Accountancy, April 2007 | Go to article overview
Save to active project

Surf Safely: How to Avoid Internet Minefields


Leon, James F., Journal of Accountancy


The Internet is a gold mine of information, but its also a minefield, loaded with scores of innocent-looking sites that contain stealthy programs designed to steal or destroy your data. But if you take proper precautions, you can browse the Web with relative safety.

In our illustration for ways to surf the Web, we use Microsoft's latest browser, Internet Explorer version 7, but you can apply these recommendations to other browsers as well.

GOING OR COMING?

When users surf the Web, they say they "go to" a page. In reality, though, when you type a URL (such as www.samplesite.com) or click on a link, the page actually is brought to your browser in the form of hypertext markup language (HTML)--the programming code that creates the screen image. In some cases, a malicious miniature program (written in what's called a scripting language) is hitching a ride with that HTML code. The moment that infected page reaches you, the hitchhiker executes its devilish program, which can do many nasty things, including copy your files, transmit them to the thief's computer or simply erase them. Such a script also can change your Windows system settings, leaving your computer in utter disarray.

How can a script steal information off someone's hard disk? Exhibit 1 is an example of a hypothetical script buried inside a Web page. Of course, a real script would not identify itself as coming from a dangerous hacker.

Exhibit 1


If you were to receive this fictitious script, the hacker's program would momentarily control your computer and you would be instantly redirected to his site, www.hacker.com. Once there, a sophisticated program called stealfiles.cgi would snap into action, steal data off your hard disk, then redirect you back to the original Web page. All this could happen in just a few seconds, without your ever being aware of it.

Be assured most Web sites are safe. However, a criminal hacker will try to inject a malicious script into almost any Web site--a scenario known as cross-site scripting, or XSS. Although anti-spyware programs are designed to thwart malicious scripts, they don't always work because clever scriptwriters often stay a few steps ahead of them (see accompanying article, "Spyware Protection"). So what's the alternative? If you want total safety, you have no choice but to take matters into your own hands and disable all scripts from running on your browser. And that's easier than you think.

DO-IT-YOURSELF PROTECTION

To disable scripts, click on Tools, Internet Options, Security (see Exhibit 2). Under Select a zone to view or change security settings, click on Internet if it's not already highlighted. Then under Security level for this zone, click on Custom level.

[ILLUSTRATION OMITTED]

You now should be at a menu called Security Settings-Internet Zone (see Exhibit 3). Slide down the scrollbar to the area labeled ActiveX controls and plug-ins and click on Disable for all 10 options. ActiveX is a Microsoft scripting language.

[ILLUSTRATION OMITTED]

Then slide farther down the screen to the second section from the bottom called Scripting (see Exhibit 4) and click on Disable for all five options. This will stop any script that manages to get into your computer.

[ILLUSTRATION OMITTED]

To implement your changes, click on OK at the bottom of the panel (see Exhibit 5).

[ILLUSTRATION OMITTED]

CONSEQUENCES OF DISABLING SCRIPTING

You do pay a price for disabling scripting. For example, for those who use Yahoo e-mail, disabled scripting triggers a message asking you to either turn on JavaScript or switch back to an older version of Yahoo Mail (see Exhibit 6). But if safety is your primary concern, the cost is worth it.

[ILLUSTRATION OMITTED]

Similarly, if you use a stock ticker at a financial site, such as http://moneycentral. …

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
Loading One moment ...
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited article

Surf Safely: How to Avoid Internet Minefields
Settings

Settings

Typeface
Text size Smaller Larger
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

While we understand printed pages are helpful to our users, this limitation is necessary to help protect our publishers' copyrighted material and prevent its unlawful distribution. We are sorry for any inconvenience.
Full screen

matching results for page

Cited passage

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited passage

Welcome to the new Questia Reader

The Questia Reader has been updated to provide you with an even better online reading experience.  It is now 100% Responsive, which means you can read our books and articles on any sized device you wish.  All of your favorite tools like notes, highlights, and citations are still here, but the way you select text has been updated to be easier to use, especially on touchscreen devices.  Here's how:

1. Click or tap the first word you want to select.
2. Click or tap the last word you want to select.

OK, got it!

Thanks for trying Questia!

Please continue trying out our research tools, but please note, full functionality is available only to our active members.

Your work will be lost once you leave this Web page.

For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

Already a member? Log in now.

Are you sure you want to delete this highlight?