One of the more popular online services is the URL shortener, such as TinyURL. But what’s behind that shortened link? For spammers, these services act as a new tool to bait unsuspecting visitors, and for industry watchdogs it’s become a new threat.
By now, you have likely come across a strange-looking URL. Arranged as various characters, it’s not like the usual Web address. Rather, it’s a shortened URL from a redirection service, such as Tiny.url or bit.ly. They take very long Web addresses and slice them down to several characters. offering a tidy way to post links.
But for all the benefits of these services, a new danger lurks. Recently, tech experts are warning of spammers taking advantage of these tools to mask their pitches. You obviously wouldn’t click on a website with the word Viagra in the title, but if it looked like http://bit.ly/Eqod2 it might seem harmless.
MessageLabs, a division of security firm Symantec, recently tracked spam sites hiding behind these URLs. They found that 2 per cent of all slam contains shortened URLs, up from 0.4 per cent in May. Researchers say the Donbot botnet, known to be responsible for about five billion spam messages per day, is one of the main culprits when it comes to tiny URL spam.
The dozens of new URL-shortening services are empowering spammers to evade anti-spam tools that target Web domains known for sending spam, MessageLabs found out.
Reports say spammers are mainly directing surfers to websites for prescription drugs or other products. Only rarely are these shortened URLs leading people to malware or money-bilking scams.
Rest assured the new companies offering this service are aware of the threat. TinyURL has various layers of security to ensure the majority of its links aren’t spammy. They often disable those malicious links, giving the clicker a message explaining the error.
bit.ly also integrates spam-filtering devices and responds quickly to flagged links. In response to news about spammed shortened links, the company responded: “In a typical week, bit.ly users click on 160 million short URLs, and bit.ly flags 2-3 million links as spam. In other words, the overall spam rate is pretty low.”
MessageLabs offers a few nuggets of advice to worried Web surfers. First, trust your source when you click on a link, either on Twitter or elsewhere. Do you know the user offering this link? Second, if you got this link in your inbox, study the email for clues and figure out if there are any glaring hints, such as spelling errors or overuse of punctuation marks.
