Slashdot Mirror
Spammers Establish Fake URL-Shortening Services
Orome1 writes "Spammers are establishing their own fake URL-shortening services to perform URL redirection, according to Symantec. This new spamming activity has contributed to this month's increase in spam by 2.9 percentage points, a rise that was also expected following the Rustock botnet takedown in March. Under this scheme, shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. These shortened URLs lead to a shortened-URL on the spammer's fake URL-shortening Web site, which in turn redirects to the spammer's own Web site."
So if you block the fake URL-shortening domain with an "ad-blocker" or at the browser level (à la Google Chrome), you avoid pretty simply the redirection to the spam side, without having to block the legitimate URL-shortening sites. Or am I missing something?
I always found url shortening to be a weird and potentially dangerous practice. Trading some comfort to squeeze your link into a tweet for the comfort to actually predict where this link will take you? No thanks. If url does not fit into a tweet, then it's a tweeter problem that tweeter should fix. That's also why I don't use tweeter. I find IRC superior :)
secret jews
I've never trusted ANY of the URL shortening services. in this age of cut-and-paste, for the most part (except for twitter) *I* really don't see the need for them. (note, I said "*I* don't see any need for them...it's an opinion...don't flame me for an opinion) :-)
I've been goatse.cx-ed on Slashdot too many times, I guess!
when I see a short URL (even those short valid ones from Reddit's imgur.com), red flags go off in my brain. (yeah that hurts)
Karma: Excellent. 15 moderator points expire sometime.
You can mitigate this on TinyURL by using this.
Easy solution: Block all URL-shortening services.
So you are telling me I shouldn't trust any tweets with sp.am in them then?
Legitimate URL shorteners don't care how their service is being used.
I've had contact with tinyurl, bit.ly and a few other shorteners with regards to spam links posted on forums, and sent by email. They'll stop one or two of them, but after a while of sending them reports, they'll just get mad at you and then ignore your emails. Well excuse me for trying to reduce the spam problem.
So a redirecting service redirects to a fake redirecting service that somehow redirects but to the wrong place? And how is that useful?
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
I'm getting around 50 messages of spam daily and all of them are filtered out by my spam filter. Sometimes when I'm bored I even read the spam for entertainment. To cut a long story short, I have yet to meet a person for whom spam has ever been a real problem. Do you know any 'spam victim' personally? If so, what was the problem? The spam or that person's own stupidity? Sure people get ripped off by spammers, but if there was no spam at all these people would just loose their money and get ripped off legally, by buying stupid shit they don't need, by legal online poker, etc.
IMHO anti-spam propaganda has been invented by self-proclaimed internet vigilantes in the good old Usenet days and spam never really was a serious problem -- at least not as much of a problem as those caused by the fascist laws against spammers that have been invented in some countries. My 2 cents.
(I don't deny that viruses and trojans are a problem, though. But that's another matter.)
If only there were some way to reference a page on the internet in a canonical, consistent fashion. A uniform locator for a resource, if you will.
Lately, pretty much all the junk I recieve involves some poorly worded reference to some sort of sexual act, a shortened URL and a stream of random dictionary picked words (to avoid spam filters I figured...but it fails at that hard)
Yet, strangely, I check today and it's completely different. I have a mix of links: One that I have a feeling is what happens when you click a link via a yahoo search, and another that is www.(strange name).com/Iindex (with 2 'i's, beutifully done...not).
I fully agree and sit by anyone who says they do not trust any of these shorteners, aside from the TinyURL you can preview (thankfully). Sometimes, I even enjoy seeing the full addresses before I click them. You can see where in the website you are, (MASSIVELY importantly), the name and format file youre about to open. .jpg and not .js
The second you don't know what you're clicking is the second you give someone complete control of your address bar. You just better hope that file was a
Well, I'm interested in what you had to say but I didn't click because it leads to a TinyURL, and god knows where that'll take me.
I actually read TFA (well, most of it...) and it makes no sense whatsoever.
Even the shortened URL would require that somebody clicks on a link from a spam mail. Who's dumb enough to do that any more? This isn't 1996 where spam is some new thing people aren't aware of. Everyone who hasn't been living in a cave for the last decade and a half is aware enough not to visit links that a spam mail gives them!
Further, how does the presence of a shortened URL "contribute to a 2.9% increase"? The amount of spam sent is determine by how much is sent, not by the content of it.
I don't know many people who even get spam any more. Most people I know got fed up with it, made a new email, and only use it for "safe" things, and never have it online in a machine parse-able way. For registering with web forums and stuff like that you use a throw-away account and then delete it after you register. You cannot be spammed unless you allow spammers to have your address, and I for one consider that unacceptable, so I don't let them have it. It's easy to not get spammed. I haven't received a single spam in the last 10 years, and I'm blown away that spam is still considered a problem.
This is why I created http://unshrink.me/ To combat all these URL shorteners.
For those not crazy about URL shorteners: it's worth remembering that those whose jobs require creation of QR Codes for insertion in documentation and signage sometimes have to shorten URLs for these Codes. An in-house approach to this is best, IMHO, but YMMV.
Discussion System prefs link: http://slashdot.org/users.pl?op=editcomm
Including one that I own and when they're in a good mood, they attempt to make shortened URLs as quickly as our servers can handle them, often many thousands per day.
Thankfully, due to the sterling efforts of many of the URL blacklisting services out there, these are purged on the hour, on the day, on the week and on the month automatically, so often don't last that long.
However, if legitimate people start to use the URL shortening services that the spammers provide, it'll hardly be in their interests to remove the spammy redirects.
We have mitigated this where I work by setting up a dedicated domain that does nothing but redirect short URLs created by library staff and faculty. The base domain of the shortened URL is something we have under our control, so a user who sees one of these shortened URLs knows that it's going to go some place that a professor or a librarian has set up. We maintain this through our staff website, with a Drupal CCK that just has two fields - the short URL and the FQDN of the destination page. It seems to be working out well.
The added bonus is that our short URLs are still meaningful, since a prof or a librarian can pick what they want the short URL to be. We limit them to 6 characters, but it's usually some variation on the resulting page. A few URL shortening services let you pick your preferred URL but most of the good ones are gone now. Plus, we can expire them when they are no longer relevant.
I actually enjoy receiving spam and replying to it so why block the url shorteners?
If the link is shorter, then I wouldn't call it a fake URL shortener. I think I more sane explanation of what is going on there is that spammers are using redirectors to avoid detection by users and URL-shortening services.
Nothing to see here.
I've found people no longer trust short URLs. But give them a long, impressive authoritarian-sounding URL and they assume it must be part of some corporate datacenter they can feel safe doing business with. Right now there are a couple, like Johannes longurl. It works, but doesn't fill the URL with impressive sounding words. What we need is something tied to a thesaurus lookup with all manner of impressive sounding terms meant to subliminally make the person think they are safe. e.g., reallybigcorporationofamerica.com/htppsss/accounting/security/firewall/lockdown/secureurltoken.shtml&verifiedid=320498982342394ab098f&checksum=0342f&etcetcetc
"Waste not one watt!" - CZ
Something like shadyurl.com? This has always been one of my favorite URL "shorteners".
I always wondered what if a not so scrupulous person set up a url shortening service that operated legitimately for a while getting itself spread all over the web. Then one day they change it so that all the urls now point to a frame with the target site surrounded by ads. It would be mostly too late to stop it, and the terms could be along the lines of "we reserve the right to do anything we want with shortened urls".
It drives me mad when I see URL shorteners used in places that do not have a space limitation. Like on a regular website. I get the point of using it on twitter or txt messages, but on a blog or website? Ug. It's killing the web.
Why are spammers so insistent on getting people who obviously are not interested in what they are selling to look at their wares? Are there people who then go "Oooohhh, shiny! I must buy, I must buy"?!? Isn't the point really to get sales? I guess there are people like that and as long as there is, there will be spammers.
why are we not prosecuting the advertisers themselves for fraud? who the hell gives these people money to make this multi-headed, nested box, country jumping, spam monster?
Doesn't it boil down to one end getting spam, and the other end getting money? If there is a way for money to transfer to that end, then there should be a way for people to find that end, and then charge them five times whatever money they made in fines.
Stop hitting HOW they spam, and start hurting WHY.
We heard you like short URLs, so we put a shot URL inside of your short URL so your URL can be shortened while it is shortened.
Dont click on links in emails from people you dont know. This doesnt change because they shortened the url. they still are selling the same stuff,penis pills and so on. So the "from" will be fake as always,and the same unreadable subject lines.
Jack of all trades,master of none
With a URL like "my.tv/fjdhj454jhj45/", you have NO idea where you're being sent. If you click on it, as far as I'm concerned, you deserve what you get. The whole idea of URL shorteners has always been a (further) invitation to trouble. So is allowing redirection. So is hiding the URL bar. These are ideas that offer utility if used responsibly, but open the gates of doom as soon as anyone with evil intent takes advantage of them. And the fact is, the web is rife with folk of evil intent.
When I see a shortened URL, I just skip it.
I've fallen off your lawn, and I can't get up.
But, shortened URLs get expanded in the end. So, even if they send you to a fake site, the URL of that fake site will then be apparent. If you're reading an article with a shortened link to some article you think should be at yahoo.com and you end up at yarha.com, then you'll realize you've been improperly redirected. It is a problem if you aren't paying attention, but otherwise, not too big a deal IMO. (Just make sure you have all the 'auto-' anything turned off for your browser so the redirect can't link to something which will download and expand, install, run, etc.). But, that is like security 101 anyway. Someone could put a link on any website that sends you somewhere you don't think it will if you aren't paying attention as well... that has been going on for years! Nothing new, just a slightly different form of it.
It is more a problem with things like Twitter, though I agree, same rule applies... just harder to implement there. My advice, use a good browser, properly setup, on a good OS... then even clicking a bad link isn't a problem for the most part so long as you have a bit of common sense.
It depends on the service owners - do I personally trust them or not? For example the German Press Agency (Deutsche Presse Agentur - dpa) has its own service only for their own use (About the dpa 'dpaq' servie http://dpaq.de/ueber_dpaq.html [german only]). there are also several other short url services I trust, e.g. made by IT magazines, where you can be sure they will also exist some years long. (Well, I also trust my own service buts thats not yours ;-)).
And by the way - if using the right system (*cough-nix-hrm*) and the right browser (*argh-opera-ahem*)- what do you fear about?
According to dpa, Wikimedia lists 500 short URL services on their blacklist (https://secure.wikimedia.org/wikipedia/meta/wiki/Spam_blacklist) - just add them to your persoanl proxys blacklist maybe? Or just use bfilter (http://bfilter.sourceforge.net/)? (Well, you migh want to add a 'NOFILTER *ebay*' to your urls.local for latter if you want to see the full description at your (un)favourite flee market...)
Anyway, no use to frown because of some spammers again, just use these short links in your PMs, no one will (or shall) click/read them after some time or if they don't know you...
I lag
Don't just shorten your URL, make it suspicious and frightening.
http://5z8.info/white-power-rides-upon-stallions-unstoppable_p1i3zc_PIN-phisher