Spammers Turn to Short URL Services to Cloak Spammed Sites URLs - 675 Views, 2 Comments
|
Previous Article « Positive Recommendations on LinkedIn Used in Lawsuits Against the Recommender
Read Next Article » Is the New iTunes Plus Worth the 30 Cents that the Plus Costs You?
Spammers and malware pushers have turned in increasing numbers to the URL shortening services such as TinyURL, SNURL, bit.ly and is.gd as a way of getting by spam filters that recognize the actual URLs to spam and malware sites. Shortened URLs are changed from the actual address to an address that appears as the URL shortening service’s address along with an additional identifier. So, for example, the URL for this article, http://www.TheInternetPatrol/spammers-turn-to-short-url-services-to-cloak-spammed-sites-urls, becomes http://tinyurl.com/lng2bo. We first reported on spammers using TinyURL over a year ago, but it seems that now it’s on the rise. In fact, the Internet security experts at MessageLabs said this week that they have seen what is being termed a “dramatic spike” in spam which contains links hidden behind shortened URLs. By cloaking the actual target domain and URL behind a shortened URL, the spammers are able to by-pass many of the anti-spam mechanisms that are ready to zap any email containing the actual URL for the spam or malware domain. Says MessageLabs spokesperson, Matt Sergeant, “Usually when we see a spike of this nature it tends to indicate that a spammer has found some method of automating the creation of these short URLs.” Which also means that, hopefully, the URL shortening services being gamed are working right now to find a way to stop it. But, as is always the case in the spam wars, each escalation is met by the other side with another escalation. It’s all just one big game of technical one-upmanship.
Follow Anne on Twitter
Spammers Turn to Short URL Services to Cloak Spammed Sites URLs
Twitter Explained in Plain English
Previous Article « Positive Recommendations on LinkedIn Used in Lawsuits Against the Recommender
Read Next Article » Is the New iTunes Plus Worth the 30 Cents that the Plus Costs You?
Read more:
» Spammers Use Google URLs in Spam to Trick People
» Phishers Use Wildcard DNS to Build Convincing Bait URLs - Spamfo
» Anti Spammers are Lamers, Says Spammer
» A Look Inside the Blog Spammer’s Bag of Tricks
For additional similar stories check out our archives on Everything Else
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
This is not technical one-upmanship. this is just the anti-virus and anti-spyware people failing to be pro-active. They put in the minimum effort possible to “protect” you from harmful elements. Resolving shortened URL’s into real ones is absolutely trivial.
Comment by kodabar — 7/10/2009 @ 11:39 am
Using URL abbreviation services like TinyURL, bit.ly, and others which hide the destination URL from the user has been a common tactic since 2005. The unfortunate part is that now these services are also being used to hide cross site scripting attacks and links to malicious executable files.
The main reason that URL abbreviation services are getting more common use is because of sites like Twitter who enforce a 140 character limit on tweets, but their use by spammers is far from new. They’ve been onto the game for years.
Comment by Internet Threat — 8/30/2009 @ 7:25 pm