URL shortening has led to an increase in spam by almost three per cent in May.
According to the May 2011 MessageLabs Intelligence Report from Symantec, shortening services to perform URL redirection contributed to an increase in spam of 2.9 per cent. Combined with this is 'fake URL redirection' where spammers establish their own their own fake URL-shortening services to perform URL redirection.
According to the report, shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. The shortened URLs lead to another shortened URL on the spammer's fake URL-shortening website, which in turn redirects to the spammer's own website.
Symantec also detected that the new domains were registered several months before they were used, potentially as a means to evade detection by legitimate URL-shortening services.
Paul Wood, MessageLabs Intelligence senior analyst, said: “We have been monitoring the way that spammers abuse URL-shortening services for a number of years using a variety of different techniques, so it was only a matter of time before a new technique appeared. What is unique about the new URL-shortening sites is that the spammers are treating them as ‘stepping stones', a link between public URL-shortening services and the spammers' own sites.
“With legitimate URL-shortening services attempting to tackle abuse more seriously, spammers seem to be experimenting with ways to establish their own services to better avoid disruption. However, as long as new URL-shortening services are being created, we expect spammers to continue abusing them.”
The report also found that approximately 3,142 websites each day were harbouring malware, an increase of 30.4 per cent since April, while 36.8 per cent of malicious domains blocked were new in May, an increase of 3.8 per cent since April.