Short URLs Can Equal Large Security Risks

URL shortening services like and have grown as demand for leaner and cleaner web links has grown due to social networking and microblogging sites like Twitter and Facebook.

In addition, the frequent use of shortened URLs on these social media sites has increased the trust that people have in their legitimacy.

However, clicking on shortened URLs can increase security risks for web surfers since the shortened URLs hide the destination ( real ) URL that the link takes you too. Shortened URLs can be used by internet scams and phishers to hide and promote a multitude of bad web sites.

The Internet Explorer 8 web browser reveals the real destination URL to users as protection against bad sites and phishing scams. However, the shortened URL alias reveals no information about the real URL and can be used to fool users into visiting a malicious site.

Short URL’s can also fool numerous network security tools. Shortened URL’s are typically trusted by firewalls, web filters, and spam blocker software.

There are some software tools available to protect users from malicious shortened URLs.

Twitter users can use Tweetdeck. Tweetdeck has an option in the settings to that previews destination information for short URL’s. The tool will display the title and real destination URL for shortened URL’s that are posted in tweets.

There are browser plug-ins and services that perform a similar function outside of Twitter. TinyURL has a tool that allows users to preview destination URL’s that have been shortened.

ExpandMyURL and LongURLPlease both offer browser plug-in tools that people can use to preview the real URL as well.

URL shortening is a great web service that will only grow in the future, but people need to take steps to guard themselves against the numerous ways that these shortened URL’s can be used for malicious and criminal purposes.

Source: PC World