Switched has a new home! Huffpost Tech.

Click here to visit the new home of Switched!

Hot on HuffPost Tech:

See More Stories
AOL Tech

Evildoing Spammers Discover TinyURL and Other URL-Shorteners

by Lee Bains on July 9, 2009 at 06:24 AM

Twitter is no stranger to spam, so it shouldn't be of any great surprise that spammers are hitting one of tweeters' favorite utilities. According to the New York Times' Bits blog, URL-shortening services like TinyURL and Bit.ly have unintentionally provided spammers with a veil to cover the ugly face of their shady activities.

By copy-and-pasting a Web address (a.k.a. URL) into one of these services, a user is presented with another, much shorter alias URL. These content-rich, character-light URLs have gained in popularity as more and more people join Twitter, which only allows 140 characters per tweet.

Now, however, spammers are having a field day using these same shortened URLs in e-mail spam, because the actual destinations of these mini-links aren't apparent from just looking at the URLs themselves -- they all contain only 'tinyURL' or 'Bit.ly' plus a letter/number code. Twitter users have become so accustomed to indiscriminately clicking on these shortened addresses, and it looks as though the same is true of folks who actually open their e-mail spam. According to the Times, spam authority MessageLabs reported yesterday that a full 2-percent of spam e-mails had come to include these shortened URLs -- just over a few days. Obviously spam recipients are clicking on them or the growth wouldn't be so rapid. Because this trend is recently emerging, few, if any, preventative measures seem to have been taken.

MessageLabs' Matt Sergeant told PC Mag that his company has found these malicious links to be showing up in e-mails. (Their prevalence on Twitter has not yet been studied.) Apparently, one of these malicious e-mails is likely to feature brief, grammatically incorrect messages along with one of the shortened URLs. While Sergeant says that some of the links will automatically download malicious content to your computer, most will just direct you to the usual "Free Penis Enlargement!" and "Lose 60 Pounds in Three Days!" product pages.

The most worrisome aspect of this trend is the fact that an honest link is indecipherable from a dishonest one. Call us paranoid, but we won't be clicking on any of those itty-bitty links we see in any e-mails or text messages for now. Let's just hope that these services can address the problem promptly and adequately. [From: New York Times]

Tags: bitly, e-mail, email, security, spam, tinyurl, top, twitter, url shortening, UrlShortening

Comments

2

Add your comments

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

HuffPost AOL Social News Most Popular