Twitter has said that its URL-shortening service t.co is to be expanded in the next few weeks.
Calling it a ‘link wrapping service', t.co wraps links into Tweets to display them in a way that is easier to read, with the domain and part of the URL showing, so users know what they are clicking on. SC Magazine detailed the plans for the site back in June.
It said: “When you click on a wrapped link, your request will pass through the Twitter service to check if the destination site is known to contain malware, and we then will forward you on to the destination URL. All of that should happen in an instant.
“You will start seeing these links on certain accounts that have opted-in to the service; we expect to roll this out to all users by the end of the year. When this happens, all links shared on Twitter.com or third-party apps will be wrapped with a t.co URL.”
Twitter confirmed that when a user clicks on these links from Twitter.com or a Twitter application, it will log that click, and it aims to use that data ‘to provide better and more relevant content to you over time'.
Research by Symantec Hosted Services found that spam with shortened URLs accounted for 18 per cent of all spam sent in June, with one website visit generated for every 74,000 spam emails containing a shortened URL link.
Amanda Grady, senior analyst at Symantec, said: “With the announcement that Twitter will be rolling-out its own short URL service, many malicious attacks through this route will be thwarted. Through Twitter's added analysis, they will be able to check if the short URL is directing users towards a site with malware and alert them in advance.
“This should reduce phishing attacks on Twitter accounts and prevent criminals from directing users to infected websites. Despite this added service, Symantec would still recommend that social media users take precautions with the URLs they choose to open.”
Mary Landesman, senior security researcher at Cisco, told SC Magazine that she thought its success would depend on how Twitter polices the URL at their end. “For them the privacy concern is on who checks through the URL and where are they stored. It is a bit of a double-edged sword as it depends on how the user responds and how Twitter uses it,” she said.
If this is not convincing enough, the US government has also now launched its own URL shortening service at http://go.usa.gov/. Although it can only be used by government employees, it allows the creation of short .gov URLs from official government domains, such as .gov, .mil, .si.edu or .fed.us URLs.
It said: “We are currently beta testing Go.USA.gov. Go.USA.gov registration is limited to people with .mil, .gov, .fed.us and .si.edu email addresses.”