Bit.ly to scour shortened links for badness
Scammers and spammers soon will have a tougher time masking links to their malicious Web sites using bit.ly, one of the more popular link-shortening services out there: The company said this week it is teaming with three security firms to warn users when a shortened link looks like it leads to badness.
Criminals increasingly are abusing URL-shortening services to disguise the true destination of both phishing Web sites and those that host malicious software. Some of the most prolific and automated of these attacks take place on social media sites like Facebook and Twitter, networks that are far less useful and fun if users can't feel relatively comfortable clicking links.
In response, bit.ly will by the end of the year be working with Sophos, Verisign and Websense to scrub some 40 million shortened links each day for those linking to malware, spam and phishing Web sites, the company said this week.
When an Internet user stumbles upon a link shortened with bit.ly that the company's service thinks is malicious, that person will be redirected to a page warning of the threat (see screen shot above). Andrew Cohen, bit.ly's general manager, said the company chose this approach over blocking or deleting malicious links for transparency and usability reasons.
"We wouldn't want to block you from shortening a page on the Web because then the service could seem to be broken," Cohen said. "If you input a URL and nothing happens, you'll just think bit.ly is broken and wouldn't necessarily know we're saving you from going to the bad site."
Bit.ly is but one of dozens of URL-shortening services out there today. It will be interesting to see whether the other big name services respond with similar partnerships.
Back in June, Security Fix featured a tutorial on a variety of tools and services available to make it easier for Web users to unshrink shortened links.
December 3, 2009; 3:20 PM ET
Categories: Safety Tips | Tags: bit.ly, url shorteners
Save & Share: Previous: DC businessman loses thousands after clicking on wrong e-mail
Next: Apple issues security updates for Mac OS X
The comments to this entry are closed.