Duck soup. When something tries to access the Net for the 1st time (or any app that you haven't permanently quantified as Trusted or Crap tries), the firewall will pop up a dialog box asking you if this app should be allowed to do this.[1]
If it's the app in which you are currently working and you recognize a need for it to be online, say OK(THIS TIME ONLY) or ALWAYS OK.
If you recognize it as something that is trying to "phone home" but as something that is otherwise useful to you, permanently mark it as *Denied Access* (NEVER OK).
If the app won't work without Net access and you see no reason that it should need it, DELETE the app and find another that behaves itself.
If you don't recognize the app (usually it just starts itself) you should note the specifics, update your malware killers, and start sweeping your box for infections.
[1] Just how often do you install a new app that requires Net access?