URL shortening services give hackers a new entry point


With the explosion of social networking and microblogging services, URL-shortening sites have became more very popular, and many do not require users to register or complete a CAPTCHA graphical challenge-response test. Because domains like Bit.ly and TinyURL are “trusted,” their use allows spammers to evade the typical filters that would otherwise detect and quarantine the messages. What’s more, shortened URLs in tweets and other places are so common that many of us click on them without thinking. Even more sophisticated users who would otherwise recognize a dubious URL don’t think “malware” when seeing a shortened URL in a tweet or Facebook message. (It’s worth noting that some URL-shortening services, including TinyURL, have a preview feature that when enabled shows users where the link will take them.) The problem is becoming a greater concern for IT as more and more users bring their social networking tools and habits to work.

Enhanced by Zemanta

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s