Spammers, Virus Writers Abusing URL Shortening Services
Purveyors of spam and malicious software are taking full advantage of URL-shortening services like bit.ly and TinyURL in a bid to trick unwary users into clicking on links to dodgy and dangerous Web sites. Fortunately, with the help of a couple of tools and some common sense, most Internet users can avoid these scams altogether.
According to alerts from anti-virus vendors McAfee, Symantec and Trend Micro, the latest to abuse these services is the Koobface worm, which targets users of social networking sites like Facebook (Koobface is an anagram of Facebook) and Myspace. It's now also spreading via microblogging service Twitter. Koobface arrives as a message that urges users to click on a link to a video, which invariably leads to a site that prompts the visitor to install a missing video plug-in. The fake plug-in turns the user's system into a bot that can be used for a variety of criminal purposes, from spamming to attacking other computers and spreading the worm.
At the same time, URL shortening services appear to be fueling a massive ongoing commercial spam campaign. At his always informative blog CyberCrime & Doing Time, Gary Warner, the director for research in computer forensics at the University of Alabama at Birmingham, has the skinny on a spam run that includes links shortened by at least a dozen different URL shortening services.
Meanwhile, computer security firm Marshal8e6 writes in its July Security Threats report about rogue anti-virus purveyors using URL shortening services in conjunction with Twitter trending topics to spread their junk software.
A few weeks back, I wrote a column on several free services and tools available to help unmask shortened URLs. From that post:
TinyURL, which is among the longest-running URL shortening services, lets you automatically enable the preview of all shortened URLs. Just visit this page and click the "Enable Previews" link, and from then on TinyURLs will be converted into their longer form when you visit a Web page that features them. You must have cookies enabled in your browser for this setting to take, and you will need to set the cookie for each browser you use.
If you browse the Web with Firefox, I recommend an add-on called Long URL Please, which currently converts URLs shortened by 72 different services, including bit.ly, cli.gs, digg.com, is.gd, kl.am, ow.ly, tr.im, and tinyurl.com. Long URL Please also works in Internet Explorer and other browsers: Simply add this bookmarklet to your bookmarks, and then click on it when you're at a page that includes shortened URLs to display the long URL.
Firefox users who are familiar with the Greasemonkey add-on may prefer the Tiny URL Decoder script (my preference), which also works with a long list of URL shortening services.
Expandmyurl.com is another bookmarklet approach that works across browsers.
July 15, 2009; 4:00 PM ET
Categories: Latest Warnings , Safety Tips | Tags: koobface, url shorteners
Save & Share: Previous: Microsoft Patches Nine Security Flaws
Next: PC Infections Often Spread to Web Sites
Posted by: dkp01 | July 15, 2009 11:44 PM | Report abuse
Posted by: chris_rollins2k3 | July 16, 2009 9:05 AM | Report abuse
Posted by: hairguy01 | July 16, 2009 12:04 PM | Report abuse
Posted by: taskforceken | July 16, 2009 1:31 PM | Report abuse
Posted by: Bitter_Bill | July 16, 2009 4:37 PM | Report abuse
Posted by: BTKrebs | July 16, 2009 4:58 PM | Report abuse
Posted by: featheredge99 | July 16, 2009 6:31 PM | Report abuse
Posted by: traef06 | July 17, 2009 2:51 PM | Report abuse
The comments to this entry are closed.