Pages

Thursday 12 November 2015

Url shortener threat

I've been seeing this for a while. When a Bad Person wants to send you to a web site that will install a trojan on your computer, they give you a URL to click on.

Most people are accessing their email via the web using their browser (I don't). When you're making a web page, it's easy to lie about where a link will take you. Because there's the part that the user sees, and there's the part that tells the browser where to go, and they don't have to be the same. So a link that says that it goes to microsoft.com, could actually go to nastywebsite.com, and unless your browser alerts you to the difference, how would you know? My email system tells me, for each link, where it actually goes to, so in the case above, it would say microsoft.com [nastywebsite.com], making it obvious to me that there's something fishy going on. But it might not be so visible.

A link that says that it goes to microsoft.com could actually go to MICR0SOFT.COM, and the difference is that I used a zero instead of a letter o; the upper/lower case doesn't matter for links. Well, that example wouldn't work anyway,  MICR0SOFT.COM has also been registered by Microsoft. But you get the idea.

So what domain name does your bank use? Is it barclays.com, or barclaysbank.com, or barclaybank.com, or one of a zillion other possibilities? When you see a plausible-looking link, do you just follow it? Well, don't.

And what I've also been seeing, is URL shorteners. These have a legitimate application; you want to suggest to a friend that they visit the url http://www.cutekittens.com/stripy/frisky/running_around_looking_cute.html but instead of giving that long URL, they use a URL shortener like tinyurl.com, so the link is now tinyurl.com/r8w7qg5. If you're a twitterer, brevity is important.

But the bad guys can use URL shorteners to totally hide where the link goes. If you're used to urls like go.to/93hy56 then you might be less suspicious than if you saw nastywebsite.com/malware-installer.htm

The advice is, as ever, don't click on links sent to you by email. Not any. Ever. If you get an email that makes you want to visit Paypal, or your bank, or whatever, don't click on the link. Use the bookmark or "favourite place" that you already have set up, or use Google to find the URL.

And if you get a spam that says "click on the link to unsubscribe", then consider this - click on that link, and you just told the spammer that you're alive, active, reading his spam and therefore even more valuable as a victim. And you'll get ten times the amount of spam.


2 comments:

  1. Mr Numpty here, one little trick they caught me on was putting email addresses in the email purporting to be testimonials, and silly me copied and pasted one to email and ask them about it. It came back undelivered, but the spammers presumably detected it, and now I get loads of emails from woman wanting my company, so there is a silver lining !! :)

    ReplyDelete
  2. URL Shortening Services List - Updated list of top URL shorteners. Domain, Site Title. bit.do, Bit.do URL Shortener - Shorten, customize and track your links. mass url shortener

    ReplyDelete