IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Twitter-style short URL spamming skyrockets

Criminals are trying to make it more difficult for users to know what they are clicking on.

Spam emails carrying shortened URLs have shot up in the last couple of days, now making 2.2 per cent of all spam or more than three billion messages a day.

Shortened URLs have been popularised in social networks like Twitter, which allow you to restrict characters on status updates and messages.

It appeared the spammers were using free URL direction services to turn lengthy web addresses into shortened URLs, which didn't need users to register or solve a CAPTCHA problem.

Paul Wood, MessageLabs Intelligence senior analyst at Symantec, said that this tactic would be very easy to automate and for criminals to set up a spam run of emails with the shortened links.

He also said that it made it difficult for spam filters to recognise the domain or URLs in the emails as malicious.

He noted users would be unable to see the real URLs. "You won't actually know where you're being taken."

"It's essentially putting a blindfold on you when you click that link whether it's a malicious drive-by attack or just a spammer website," he added.

A botnet called Donbot' was responsible for the spike in shortened URL spam, according to Wood.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Twitter API keys found leaked in over 3,200 apps, raising concerns for linked accounts
Security

Twitter API keys found leaked in over 3,200 apps, raising concerns for linked accounts

2 Aug 2022
Twitter reports largest ever period for data requests in new transparency report
social media

Twitter reports largest ever period for data requests in new transparency report

1 Aug 2022
Elon Musk offers to buy Twitter for $41.39 billion, claiming only he can 'unlock its true potential'
social media

Elon Musk offers to buy Twitter for $41.39 billion, claiming only he can 'unlock its true potential'

14 Apr 2022
Jack Dorsey admits regret for helping to centralise the internet
Network & Internet

Jack Dorsey admits regret for helping to centralise the internet

4 Apr 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022