Symantec: Spammers Create Shortened URL Services

Symantec’s October 2011 Intelligence Report has uncovered evidence that spammers are now using their own URL shortening services for the first time.

Over 80 URL shortening sites available to the public have been uncovered, using the “.info” top-level domain, that will generate real shortened links, although they have only been seen in spam emails so far.

False sense of security

Spammers have been using shortened URLs for some time now because their widespread use on social networks has increased familiarity and lulled users into a false sense of security.

A 2009 survey revealed that users of social networks such as Facebook, LinkedIn and Twitter were behaving in ways that put their Internet security at risk. These links often lead users to malicious sites or phishing scams and, during 2010, 92 percent of spam emails contained links with those featuring shortened URLs harder for anti-spam countermeasures to recognise.

Symantec has previously warned users against the dangers associated with shortened URLs and Twitter has since taken action, bringing the total level down dramatically. However, legitimate services are much quicker to respond to abuses.

Paul Wood, senior intelligence analyst at Symantec Cloud said, “It is possible that spammers are setting up their own URL shortening sites since legitimate shortening sites, which have long suffered with abuse, have slightly improved their detection of spam and other malicious URLs. It’s not fully clear why the sites are public. Perhaps this is simply due to laziness on the spammers’ part, or perhaps an attempt to make the site seem more legitimate.”

Bradley Anstis, vice president of technical strategy at M86 security added, “The evidence that spammers have developed their own URL shortening service is yet another example of cybercriminals adopting new technology and using this to bypass traditional security measures. This is precisely why we have developed technology that looks at the intent of code embedded within email and Web content, rather than relying solely on updates of signature-based databases.”

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

14 hours ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

16 hours ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

17 hours ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

1 day ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

1 day ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

2 days ago