Monday, May 26, 2014

Don't open short URLs if you get from unknown / un-trusted sources!

Many of us on internet have already came across short URLS/links that when clicked take it actual webpage. In many cases you would have wondered what this link is and where is it going to take me?  e.g. http://goo.gl/dFr2Xp which point to my another blog article.



What are short URLs? 

URL shortening is technique used on internet to shorten the long URL/link to a smaller one and that redirects to actual URL when clicked. Its very useful in many cases, e.g. for twitter wherein message length is small and you wish to share a link.  Or you bought a book and it has website references using short URLs.
Long URLs are the way websites are developed and needs extra descriptive parameters and values that needs to be passed. E.g. see URL for this blog above, its the way blogger creates a link based on blog title. By shortening URLs, it becomes easy to pass on and type without errors
 

Advantages it brings in:


  • Short in nature and easy to type in from non-digital media (books, billboards, banners, posters, etc.) 
  • Takes small size and looks neat instead of long URLs 

List of popular services that provide short URL:  

http://bit.ly
http://tinyurl.com
http://goo.gl (From Google)
http://t.co (From Twitter)

Issues due to short URL: 

Don’t know what's hiding behind the short URL: This is one of the most dangerous part of short URLs. It may be a safe link and serves the purpose for you, or it may land up in malware and unwanted websites which you never wished to visit. There is no way for user to know if you may face any issue by clicking a link. This is the main advantage which is exploited by hackers and malware writes to  hide behind a cute looking  URL.  

There has been many more services which has been closed down just due to the fact that users used it extensively to redirect users to po-rn or malicious websites.

If short URL comes from unknown/un-trusted sources, its better to not click/open it.
 
Privacy issue : With four to five major players in this field of short URL, and many websites/users using it, it poses privacy issues to users. Webservers providing short-url can track you as user and collect info about you to know which sites you visit and pass on this info to third-party. It can track your computer address (IP), links you clicked over time and your behavior with short-urls.

TinyUrl.com was known to distribute Spyware: Not all short-URL services are safe and you cannot trust them. Tinyurl.com has been known for distributing spyware as per wikipedia reports. Files may get downloaded automatically as you navigate with short-url and if you open them, it monitors all your actions and note the keys you type in.

Websites have stopped using short url in post: Wikipedia and few more websites have stopped using short-urls due to above reasons. Any short URLs entered get ignored and post cannot be saved.

Solution :


  • Don’t be click master. Avoid clicking on short URL believing everything is going to be safe.  
  • If you get short-URL from unknown/untrusted sources, then better not click it. 
  • Do no click short URLs in SMS, IM, Whatsapp, emails, blogs and Facebook post. 
  • McAfee also offers short-URL service which can be accessed using this link, You can create your own short URLs safely. http://mcaf.ee/ 

1 comment:

  1. Did you know you can create short links with LinkShrink and get cash from every click on your short links.

    ReplyDelete

Transform your $15 router to $200 security router for FREE

Technology is evolving faster and there are more IoT devices at home/office than a few years back. Software Security companies are movi...