One of two things just happened to you. If you got a warning that your activex settings were too high, then your security settings protected you from this fake hijack attempt. If Notepad (or some other text editor) popped up, then you would now have a dialer if this had been real.

If you had your settings at "Prompt", then you should have seen this dialog box below.

Many thanks to Javacool for writing the "dialer" used in this example.

This simple test only checks for one particular type of exploit. Even if you passed, this does not make you safe from all activex exploits.

For a much more extensive series of browser security tests, visit Jason's Toolbox.