URL shortening links begin to be used extensively by spammers

News by Dan Raywood

URL redirection services have become more prevalent over the last few days.

URL redirection services have become more prevalent over the last few days.

According to MessageLabs Intelligence, the presence of shortened URLs in spam has skyrocketed over the past couple of days and now appears in more than two per cent of all spam.

Paul Wood, MessageLabs Intelligence senior analyst at Symantec, said: “There are literally dozens of websites that offer URL shortening services and spammers have realised that using these services eliminates the need to solve a CAPTCHA or register an account.

“The newly shortened URLs also help cybercriminals disguise the true destination of where their victims will click through to, posing further risks of entering websites used to conduct drive-by malware attacks as well as spam.”

Many social networking sites, including Twitter, restrict the amount of characters on status updates and messages and the use of free URL redirection services, which turn lengthy web addresses into shortened URLs. These are increasing in popularity with spammers for multiple reasons.

Wood said: “Donbot, the botnet responsible for sending approximately five billion spam messages every day, is one of the main culprits for using this technique. Links of any size all need to be treated with caution.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike