New Short URL Tools| Built By Spammers To Beat Email Security

Hackers and Spammers have started building fake short URL tools to beat email and other computer security to get more email traffic to their spam sites, Symantec has reported in its May 2011 Report.


Symantec said they’ve seen a new security evasion technique that works by embedding a legitimate short URL, which in turn points to a short URL system set up by the scammers. This adds an extra layer to beat security filters. The traffic then is directed to the final website, which is usually a scam or spam site.

Spammers have even started buying new URL addresses well ahead of when they will be used to avoid domain analysis (URls used for fraud and span are often very recently registered, legitimate URLs have aged a while before they’re used). A lot of the new short URL scams are running on .ru URLs.

“With legitimate URL-shortening services attempting to tackle abuse more seriously, spammers seem to be experimenting with ways to establish their own services to better avoid disruption,” said Paul Wood, MessageLabs Intelligence senior analyst. “However, as long as new URL-shortening services are being created, we expect spammers to continue abusing them.”

“What is unique about the new URL-shortening sites is that the spammers are treating them as ‘stepping stones’ – a link between public URL-shortening services and the spammers’ own sites,” he said.

New Short URL Tools| Built By Spammers To Beat Security for Malware

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: