Spammers exploiting trust in shortened URLs - SC Magazine US
The above article in SC Magazine describes how malicious coders are taking advantage of the public's trust of URL shortening services like TinyURL and DwarfURL in order to deliver exploits to your machine. Part of the reason this is successful is that security software generally "trusts" the shortened URLs and doesn't block them or warn you about them.
This is actually a great example of how you have to be vigilant in all aspects of your computer use. It is unwise to "trust" anything that is sent to you unless you know exactly what it is and it was something that you were expecting. (I know I am like a broken record with this to my frequent readers, however it is important and true!)
Because useful tools like these URL shorteners can be used to obfuscate malicious links, and because we're getting used to seeing these short URLs on a regular basis, it is a perfect storm for spammers, virus/worm writers, and criminals who want to obtain and exploit personal information, they couldn't ask for a better tool to help them get what they need!
So remember, the next time you get a shortened URL in your email or IM program, think twice before clicking it, you never know where it might lead.
About Me
- Jonathan Watts
- Los Angeles, CA, United States
- I have over 15 years of professional experience in the I.T. field, working with individuals and small to mid-size businesses. I've received a certificate in Project Management from UCLA, and I am a member of PMI. I have expertise in Active Directory, Open Directory, VMWare, Windows, Mac OSX, *nix, Exchange, IIS, Cisco, Forefront TMG, MARS, ACS, CSA, EMC, NetApp, and Websense. I've worked in all aspects of I.T., from end-user support to engineering and design.
Subscribe
Posts
Comments