Malware via URL Shortening Services
Many attempts to either capture private information such as username/password or to infect your computer with malware/viruses etc. are done by trying to get you to visit a web site that has special code on it that will infect your computer.
Most of us have been vigilant and recognize these attempts when the URL we receive through an email or other means is recognized as one we do not visit and doesn’t look quite right. Overall we have become pretty good at not clicking on these links (thank you).
With the adoption of Twitter and its 140 character limit, it is often difficult to send long URLs. To work around this limitation many people are now using what are known as URL shortening services such as bit.ly, tinyurl.com and others. For example http://bit.ly/fN4hbh is the bit.ly shorten URL that will take you to: http://fyi.uwex.edu/it (the home page for this blog).
While this method is effective for communicating long URLs and is becoming popular within email and other online communications (e.g. Facebook), it is also a means to try and trick people into visiting sites that can do bad things.
The lesson to be learned here is that we must continue to be vigilant. Is the link from someone you know? Were you expecting it? If you are unsure, follow up with the sender before clicking. By having up-to-date anti-virus/anti-malware software and being careful about shortened URLs, we can minimize the potential risk of bad things happening to our computers.
Posted: January 14th, 2011 under IT Director News.