Survey of Shortened URL Security Performed

• Tweet
• Sharebar

• Tweet

Read an article on Zscaler Research about how more than a million URL’s that were shrunk with TinyURL or Bit.Ly and other URL compression services were analyzed to see how many led to malicious sites.  The result of the test showed that only 0.06% of the shrunk URL’s actually led to malicious content and this seemed to downplay that URL compression services are secure and this is a low risk.

Twitter and the URL Shrinking services themselves do scan the links to see if they lead to malicious content, but clever designers can write code to send valid content to a scanner and different content to someone actually coming from Twitter as a referrer.  Still, according to the research you are far more likely to end up on a malicious website from a Google Search than following a link send to you over Twitter that has been compressed.

It is still a good idea to go to the TinyURL or Bit.Ly site and expand the URL you would be clicking to see where you end up.  Many Twitter clients have this functionality built in, you know in Tweetdeck you can click on a Bit.Ly URL and it will expand a window to show you where the link would end up before it actually opens the site.  This is a good feature just to be sure, and the best rule of thumb is don’t click on links from people you don’t know or trust, they are far more likely to be spam.  (You can gauge a link if it is from a twitter user that has little to no followers, and either has little to no people following or massive amounts of people it is following with a very low follow back rate).

Seems a little obvious doesn’t it, don’t click links from people you don’t know or trust, but if you do know that there is a 0.06% chance it will lead to something malicious if it was a link on Twitter.

-Dragon Blogger

Related posts:

1. Avoid Twitter Pyramid Sites At All Costs In reviewing Twitter applications I delved into a few Twitter Pyramid sites, mostly on accident not realizing what I was...
2. WordPress 3.0.2 Mandatory Security Fix Wordpress 3.0.2 is released and has a mandatory security fix that is essential for multi author blogs who have writers...
3. Twitter DM Spam is Unbearable A Twitter DM list is long overdue, the ability to allow your closest friends and have private conversations with a...
4. Manage All of Your Passwords Online Security with Clipperz Online Password Management and direct password login are rapidly becoming an essential in today's world, you need a password manager...
5. CA Internet Security 2009 Too Cumbersome And Intrusive When I attended CA World 2008 this year I received a free copy of CA Internet Security 2009 with a...

Written by Justin Germino (1518 Articles Published)

Working in the IT Industry for over 10 years and specializing in web based technologies. Dragon Blogger has unique insights and opinions to how the internet and web technology works. An Avid movie fan, video game fan and fan of trying anything and everything new.

Follow Justin Germino on Twitter @dragonblogger