You’re looking for a cornbread recipe, but your search is redirected to a site crammed with ads. Your homepage is now a billboard for the most dubious products and services. Tabs open up in the background and pop-up ads swarm your browser like mosquitoes on a warm night. Your browser has been hijacked, and it’s time to take it back.

What is browser hijacking?

A browser is hijacked by software that has been installed on your system, sometimes something you’ve installed on purpose, sometimes something you’ve installed without knowing it. Hijackers often redirect your traffic to ad-heavy sites and inject ads directly into your browser. They can change your browser settings, including your homepage and search engine preference.

How do you get hijacked?

Often hijackers try to take over your browser with your permission. This happens when downloading an app or browser extension from the web and you’re flying through the install process agreeing to prompts on the fly. It usually involves tiny print or check boxes. Take your time here and read what they’re asking you to do.

In other cases, maybe you were searching for a common extension or app and mistyped the name into a search window or the browser bar. Some malicious software spoofs or imitates legitimate software, tricking you into downloading.

Even some legitimate software can hijack your browser. Some translation software and even antivirus or adware removal software can do this. This is so common that we wrote an article about how to clean it out of your browser. Always be thoughtful about agreeing to messages that pop up in your browser.

What do you do if you’re already been hijacked?

If your browser has already been taken hostage, there’s hope. You can reset Firefox to factory defaults, which will get rid of any search engine or home page preferences. It’ll also turn off all extensions so you can start fresh. Bookmarks and saved passwords will stay intact. Here’s how it’s done:

Click the hamburger menu button Select the question-mark icon at the bottom of the drop-down menu. Select ‘Troubleshooting information’ in the slide-out menu. Select the ‘Reset Firefox‘ button at the top right of the new Web page.

If you don’t want to go through with a reset, you may be able to remove the malicious toolbar by itself. Here’s how to do it:

Click the menu button and choose Add-ons. The Add-ons Manager tab will open. In the Add-ons Manager tab, select the Extensions panel. Select the toolbar you wish to remove. Click the Remove button. Click Restart now if it pops up. Your tabs will be saved and restored after the restart.

How can you avoid hijacking in the future?

The best way to avoid browser hijacking is to be ever vigilant:

Keep your operating system and other software up to date. Operating system updates often include the latest security fixes to guard your system against malicious attacks. Update often to stay ahead of hackers.

Don’t install untrusted software. Only install Firefox extensions from the Firefox Add-Ons Store. In general, don’t download and install software from websites that prompt you to.

When you are installing trusted software, take your time and read what they’re asking for permission to do. Make sure they’re only doing what you want them to.

Don’t click on tabs or pop-up windows that warn about security vulnerabilities or insist on virus scans. Firefox updates automatically, as does Windows 10 and macOS.

Finally, don’t run a fake Firefox. Only download Firefox from mozilla.org/firefox.

This post is also available in: Français (French)