This pilot fish is updating the company's intranet welcome page with information from the HR department.

"It's a Word document regarding updates to our 401(k) program, with a link where employees can visit to update their own investment allocations," says fish.

"When I move my mouse over the link, I notice the 'CTRL + click to follow link.' I do so, and go back to another window where I was working."

But when fish finally glances at his Web browser to look at the 401(k) information, he gets a shock: Instead of information on a retirement plan, it's a page of scantily clad women and links to pornographic Web sites.

He goes back to the Word document. The URL looks fine -- it's the correct domain for the company's pension-plan provider. But when fish rolls the mouse over the link, it shows up with "www.xxxxxxx.com" as the address.

To read this article in full, please click here