How to Spot and Stop a URL Shortener Scam

3 simple steps to foil URL shortener abuse: Internet Scambusters #465

An Internet technique to compact lengthy website addresses,
called a URL shortener, is being used by scammers to fool
people into visiting malicious websites.

Many users don’t realize this because they don’t know what a
URL shortener is and how to recognize the output of one.

In this week’s issue, we explain in simple terms what it is,
how it works, how to spot that one has been used and how to
foil the attempt to fool you.



Unless you’re a “techie,” you may not know what a “URL
shortener” is, but most of us — Internet surfers, users of
social networks and even emailers — use them all the time
without knowing it.

For crooks, the fact that we use them without knowing is very
useful: if they can tamper with these links, they can load
malware onto our PCs, also without us knowing.

So, what is a URL shortener?

Well, take a look at the address bar in your Internet browser.
You may have typed in the web address you’re visiting yourself
– like www.scambusters.org. That’s a URL — or Uniform
Resource Locator — and it’s the very precise information the
Internet needs to take you to the right place.

But sometimes the URL appears in the address bar after you’ve
clicked a link in an email or on a web page.

It tells you where you’re at but oftentimes, looking at the
gobbledygook that appears there, you’re none the wiser.

You might recognize the first bit of the address but, likely
as not, the remainder is a long jumble of meaningless letters,
numbers and slashes.

Now, what happens if you want to copy and paste that link into
an email, other document or a social networking site?

It looks a mess, sometimes several lines long. And, if you’re
using Twitter, that URL is often too long to even fit in a
“tweet.”

Enter the URL shortener. This is a simple, free application
you’ll find on several sites that reads in that long line,
stores it on a computer server, and returns to you a much
shorter URL that links to the full address.

You can do this yourself by visiting one of those sites –
tinyurl.com and bitly.com are two of the better known ones –
and pasting in a long address. In a second you’ll have your
shortened version that you can send to others.

Here’s one we set up for Scambusters:
http://tinyurl.com/mv8nmv (though in this case, of course, it’s longer than scambusters.org!)

These days, some applications, especially those that support
Twitter, automatically do the shortening for you.

It’s a great space saver and super-convenience, yes?

Well, up to a point it is, but according to Symantec, the
Norton Internet Security firm, scammers are using the URL
shortener technique to circulate massive amounts of malware.

The attraction to the crooks is that people who receive
shortened URLs can’t see where they came from or where they’re
going to.

Just like the genuine item, the recipient of a malicious
shortened URL simply clicks on the link and goes to wherever
the real web page is — in this case a page that automatically
tries to infect the victim’s computer.

Most recently, this type of nasty link has cropped up in emails
claiming to notify recipients of a canceled cash transfer, but
clicking on it just leads to a malware-infested page.

Most of the legitimate URL shortening services are onto the
crooks and have implemented security measures to try to halt
the abuse.

For instance, the tinyurl.com service offers users who are
trying to shorten URLs the ability to set up a preview that
will show recipients what the true address is before they go
there.

So, for our earlier example, visiting
http://preview.tinyurl.com/mv8nmv enables you to see our real address and visit us from that page.

Needless to say, the scammers get around these and other types
of security measures by creating their own URL shortening
service.

To counter these, several other websites now offer a URL
lengthening service, enabling you to paste in the link you got
and see exactly where it leads to.

Again, there are several of these, including knowurl.com and
longurl.com (try pasting in that http://tinyurl.com/mv8nmv link there to reveal Scambusters again).

As you can see, it’s turning into something of a cat and mouse
game but there’s no doubt that URL shortener abuse is going to
be with us for some time.

Symantec blogger Nick Johnston comments on the phony bank
transfer cancellation notification: “We saw hundreds of unique
shortened URLs being used to link to this malware, and expect
to see malware authors using this technique in the future.”

Foiling this URL shortener abuse is a matter of taking three
simple steps:

1. Be wary of any link that appears to be the output of a URL
shortener. Basically, if the address is very short, comes to
you in an email or appears on a website yet doesn’t use
recognizable words, it has probably been shortened.

2. If you have any doubts about the origin, copy and paste the
link into one of the URL lengthening sites. For a fuller list
than the ones we’ve provided, just initiate a web search for
the words “URL lengthener.”

3. Ensure your Internet security software is up-to-date. That
way, if you do land on a malicious page, your software should
alert you and block any attempts to load malware onto your PC.

In any case, you should always glance at the address bar when
you arrive at a page via a link (rather than an address you
keyed in), to make sure you know and understand exactly where
you are.

And, of course, if you decide to use a URL shortener yourself
to send a link to someone else, choose one of the well-known
services (again you can do a search for these) and opt to
generate a preview, so that those you send it to will be able
to check it out for themselves.

That’s all for today — we’ll see you next week.