Translate

Friday, October 12, 2012

The URL Shortener Scam

Unless you're a "techie," you may not know what a "URL shortener" is, but most of us -- Internet surfers, users of social networks and even e mailers -- use them all the time without even knowing it. 
 
If you're a crook, the fact that everyone uses them without knowing is very useful piece of information that could become very lucrative simply because it means if they can tamper with them, they can load Malware onto our PCs, also without any of us knowing.
So, the question is: What exactly is a URL shortener?
 
Well, take a look at the address bar in your Internet browser. You may have typed in the web address you're visiting yourself -- like this blog for example: 
www.inbirdyseyes@blogspot.com. That's a URL -- or Uniform Resource Locator -- and it's the very precise information the Internet needs to take you to the right place. But sometimes the URL appears in the address bar after you've clicked a link in an email or on a web page. It tells you where you're at but oftentimes, looking at the gobbledygook that appears there, you have no clue. Now you might recognize the first bit of the address but, more than likely, the remainder is a long jumble of meaningless letters, numbers and slashes. 
 
Now, what happens if you want to copy and paste that link into an email, other document or a social networking site? It looks a mess, sometimes several lines long. And, if you're using Twitter, that URL is often too long to even fit in a "tweet." Enter the URL shortener. This is a simple, free application you'll find on several sites that reads in that long line, stores it on a computer server, and returns to you a much shorter URL that links to the full address. You can do this yourself by visiting one of those sites -- tinyurl.com and bitly.com are two of the better known ones -- and pasting in a long address. In a second you'll have your shortened version that you can send to others. These days, some applications, especially those that support Twitter, automatically do the shortening for you. 
 
So is it a great space saver and overall a “super-convenience?
Well, up to a point it is, but according to Symantec, the Norton Internet Security firm, scammers are using the URL shortener technique to circulate massive amounts of malware, spyware, and even key-logger programs on unsuspecting computers. Now, the primary attraction to the crooks is that people who receive shortened URLs can't see where they came from or where they're going to, and second to that is the amount of utter destruction that they can do to your finances or your life. ID Theft is ranked number one here as well. 
 
Just like the genuine item, the recipient of a malicious shortened URL simply clicks on the link and goes to wherever the real web page is -- in this case a page that automatically tries to infect the victim's computer. Most recently this type of nasty link has cropped up in emails claiming to notify recipients of a canceled cash transfer, but clicking on it just leads to a malware infested page. 
 
Most of the legitimate URL shortening services are onto the crooks and have implemented security measures to try to halt the abuse. For instance, the tinyurl.com service offers users who are trying to shorten URLs the ability to set up a preview that will show recipients what the true address is before they go there. Needless to say, the scammers get around these and other types of security measures by creating their own URL shortening service. To counter these, several other websites now offer a URL lengthening service, enabling you to paste in the link you got and see exactly where it leads to. 
 
Again, there are several of these, including knowurl.com and longurl.com.
As you can see, it's turning into something of a cat and mouse game but there's no doubt that URL shortener abuse is going to be with us for some time. Symantec blogger Nick Johnston comments on the phony bank transfer cancellation notification: 
 
"We saw hundreds of unique shortened URLs being used to link to this malware, and expect to see malware authors using this technique in the future." 
 
Foiling this URL shortener abuse is a matter of taking three simple steps:
  • Be wary of any link that appears to be the output of a URL shortener. Basically, if the address is very short, comes to you in an email or appears on a website yet doesn't use recognizable words, it has probably been shortened.
  • If you have any doubts about the origin, copy and paste the link into one of the URL lengthening sites. For a fuller list than the ones we've provided, just initiate a web search for the words "URL lengthener."
  • Ensure your Internet security software is up-to-date. That way, if you do land on a malicious page, your software should alert you and block any attempts to upload malware.
In any case, you should always glance at the address bar when you arrive at a page via a link (rather than an address you keyed in), to make sure you know and understand exactly where you are. And, of course, if you decide to use a URL shortener yourself to send a link to someone else, choose one of the well-known services (again you can do a search for these) and opt to generate a preview, so that those you send it to will be able to check it out for themselves. 
 
Vigilance here is the best key to stop crooks from doing you, your family or your computer, massive amounts of damage.


This Article also appears in Spanish, German, Russian, and Italian; due to the increase of E-Mails received and requests for a more structured translation of Blog Articles, I purchased a Program that does the translation for me.

Unfortunately, the program does not translate web links at the same time, thus the links for this article are:
and of course:


-Birdy





Posted by at
Labels:

No comments:

Post a Comment

Please be considerate of others, and please do not post any comment that has profane language. Please Do Not post Spam. Thank you.

Subscribe to: Post Comments (Atom)
Powered By Blogger

Labels

Abduction (2) Abuse (3) Advertisement (1) Agency By City (1) Agency Service Provided Beyond Survival Sexual Assault (1) Aggressive Driving (1) Alcohol (1) ALZHEIMER'S DISEASE (2) Anti-Fraud (2) Aspartame (1) Assault (1) Auto Theft Prevention (9) Better Life (1) Books (1) Bribery (1) Bullying (1) Burglary (30) Car Theft (8) Carjackng (2) Child Molestation (5) Child Sexual Abuse (1) Child Abuse (2) Child Kidnapping (3) Child Porn (1) Child Rape (3) Child Safety (18) Child Sexual Abuse (9) Child Violence (1) Classification of Crime (1) Club Drugs (1) College (1) Computer (4) Computer Criime (4) Computer Crime (8) Confessions (2) CONFESSIONS (7) Cons (2) Credit Card Scams (2) Crime (11) Crime Index (3) Crime Prevention Tips (14) Crime Tips (31) Criminal Activity (1) Criminal Behavior (3) Crimm (1) Cyber-Stalking (2) Dating Violence (1) Deviant Behavior (6) Domestic Violence (7) E-Scams And Warnings (1) Elder Abuse (9) Elder Scams (1) Empathy (1) Extortion (1) Eyeballing a Shopping Center (1) Facebook (9) Fakes (1) Family Security (1) Fat People (1) FBI (1) Federal Law (1) Financial (2) Fire (1) Fraud (9) FREE (4) Fun and Games (1) Global Crime on World Wide Net (1) Golden Rules (1) Government (1) Guilt (2) Hackers (1) Harassment (1) Help (2) Help Needed (1) Home Invasion (2) How to Prevent Rape (1) ID Theft (96) Info. (1) Intent (1) Internet Crime (6) Internet Fraud (1) Internet Fraud and Scams (7) Internet Predators (1) Internet Security (30) Jobs (1) Kidnapping (1) Larceny (2) Laughs (3) Law (1) Medician and Law (1) Megans Law (1) Mental Health (1) Mental Health Sexual (1) Misc. (11) Missing Cash (5) Missing Money (1) Moner Matters (1) Money Matters (1) Money Saving Tips (11) Motive (1) Murder (1) Note from Birdy (1) Older Adults (1) Opinion (1) Opinions about this article are Welcome. (1) Personal Note (2) Personal Security and Safety (12) Porn (1) Prevention (2) Price of Crime (1) Private Life (1) Protect Our Kids (1) Protect Yourself (1) Protection Order (1) Psychopath (1) Psychopathy (1) Psychosis (1) PTSD (2) Punishment (1) Quoted Text (1) Rape (66) Ravishment (4) Read Me (1) Recovery (1) Regret (1) Religious Rape (1) Remorse (1) Road Rage (1) Robbery (5) Safety (2) SCAM (19) Scams (62) Schemes (1) Secrets (2) Security Threats (1) Serial Killer (2) Serial Killer/Rapist (4) Serial Killers (2) Sexual Assault (16) Sexual Assault - Spanish Version (3) Sexual Assault against Females (5) Sexual Education (1) Sexual Harassment (1) Sexual Trauma. (4) Shame (1) Sociopath (2) Sociopathy (1) Spam (6) Spyware (1) SSN's (4) Stalking (1) State Law (1) Stress (1) Survival (2) Sympathy (1) Tax Evasion (1) Theft (13) this Eve (1) Tips (13) Tips on Prevention (14) Travel (5) Tricks (1) Twitter (1) Unemployment (1) Victim (1) Victim Rights (9) Victimization (1) Violence against Women (1) Violence. (3) vs. (1) Vulnerable Victims (1) What Not To Buy (2)