Twitter-style short URL spamming skyrockets
Criminals are trying to make it more difficult for users to know what they are clicking on.
Spam emails carrying shortened URLs have shot up in the last couple of days, now making 2.2 per cent of all spam or more than three billion messages a day.
Shortened URLs have been popularised in social networks like Twitter, which allow you to restrict characters on status updates and messages.
It appeared the spammers were using free URL direction services to turn lengthy web addresses into shortened URLs, which didn't need users to register or solve a CAPTCHA problem.
Paul Wood, MessageLabs Intelligence senior analyst at Symantec, said that this tactic would be very easy to automate and for criminals to set up a spam run of emails with the shortened links.
He also said that it made it difficult for spam filters to recognise the domain or URLs in the emails as malicious.
He noted users would be unable to see the real URLs. "You won't actually know where you're being taken."
"It's essentially putting a blindfold on you when you click that link whether it's a malicious drive-by attack or just a spammer website," he added.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
A botnet called Donbot' was responsible for the spike in shortened URL spam, according to Wood.