I’ve always though that shortened URLs were one of the dumbest things to ever come down the Internet highway. Given the state of Internet security, who in their right mind would click on a link that looks like this – http://om.ly/2efrq, in an email (for example), as opposed to a link that looks like this – https://billmullins.wordpress.com/.
Anyone who clicks on a shortened URL, in my view, is surfing the Net with their eyes shut. I’m not suggesting that a legitimate looking link is any safer, but at least you should have some idea where it is you’re supposed to end up.
We shouldn’t be too surprised then, to see email spammers (who use every tactic available), take advantage of the obstrufication cause by shortened URLs. Shortened URLs are, in a real sense, hidden web addresses.
There’s little surprise then, that according to the July 2010 MessageLabs Intelligence Report, shortened URLs in spam, are fast becoming a sustained spamming tactic due to loop holes in CAPTCHA requirements for the tiny links, and free-of-charge URL shortening services.
Highlights from Symantec’s July 2010 MessageLabs Intelligence Report:
Spam: In July 2010, the global ratio of spam in email traffic from new and previously unknown bad sources was 88.9 percent (1 in 1.12 emails), a decrease of 0.4 percentage points since June.
Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 306.1 emails (0.327 percent) in July, a decrease of 0.04 percentage points since June. In July, 17.1 percent of email-borne malware contained links to malicious websites, an increase of .4 percentage points since June.
Endpoint Threats: Threats against endpoint devices such as laptops, PCs and servers may penetrate an organization in a number of ways, including drive-by attacks from compromised websites, Trojan horses and worms that spread by copying themselves to removable drives. Analysis of the most frequently blocked malware for the last month revealed that the Sality.AE virus was the most prevalent. Sality.AE spreads by infecting executable files and attempts to download potentially malicious files from the Internet.
Phishing: In July, phishing activity was 1 in 557.5 emails (0.179 percent) an increase of 0.02 percentage points since June. When judged as a proportion of all email-borne threats such as viruses and Trojans, the proportion of phishing emails had decreased by 3.2 percentage points to 60.2 percent of all email-borne malware and phishing threats combined.
Web security: Analysis of web security activity shows that 30.5 percent of malicious domains blocked were new in July, an increase of 0.2 percentage points since June. Additionally, 13.0% of all web-based malware blocked was new in July; an increase of 0.5 percentage points since last month. MessageLabs Intelligence also identified an average of 4,425 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 176.9 percent since June.
The July 2010 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at here.
About Message Labs Intelligence:
Symantec’s Message Labs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.