URL shortening links begin to be used extensively by spammers
According to MessageLabs Intelligence, the presence of shortened URLs in spam has skyrocketed over the past couple of days and now appears in more than two per cent of all spam.
Paul Wood, MessageLabs Intelligence senior analyst at Symantec, said: “There are literally dozens of websites that offer URL shortening services and spammers have realised that using these services eliminates the need to solve a CAPTCHA or register an account.
“The newly shortened URLs also help cybercriminals disguise the true destination of where their victims will click through to, posing further risks of entering websites used to conduct drive-by malware attacks as well as spam.”
Many social networking sites, including Twitter, restrict the amount of characters on status updates and messages and the use of free URL redirection services, which turn lengthy web addresses into shortened URLs. These are increasing in popularity with spammers for multiple reasons.
Wood said: “Donbot, the botnet responsible for sending approximately five billion spam messages every day, is one of the main culprits for using this technique. Links of any size all need to be treated with caution.”