URL shortener spam is a relatively new but widely used spamming and phishing technique. In this post you will learn what exactly URL shortener spam is and what you can do about it.
What is a URL shortener?
A URL shortener is an online service that turns long URLs into shorter ones. For example, a popular URL shortener Bit.ly can be used to turn a long URL like https://www.mycompanyslongdomain.com/services/consulting/whitepapers/research.pdf into something like https://bit.ly/a7gd934m. Short URLs can be easily dictated, shared by text messages or used when the space is limited, for example on booklets or other printed material.
As a rule, URL shorteners use very short domain names. Some very popular URL shorteners are, above mentioned Bit.ly, ow.ly, adf.ly and po.st. Several social media sites have their own URL shorteners like Twitter’s to.co, LinkedIn’s lnkd.in and so on.
What is URL shortener spam?
Per se URL shortening is quite useful and seemingly harmless (from cybersecurity perspective). However, like every tool, it can be used both for good and for bad. Spammers and other malicious users have quickly figured out how to use URL shorteners to their own advantage.
In order to understand why URL shorteners can be a problem, we have to understand how spam and phishing filters work. Most spam and phishing filters have databases of URLs that are spammy. Thus, a spam filter may analyze email body for such links and mark an email message as spam. URL shorteners change final URLs with a shorter URL and for a single spammy URL a malicious users can generate hundreds of different short URLs. These short URLs are not present in the database of the anti spam system and thus the spammy message may look like a normal one to the anti spam system as displayed on the illustration below.
What can you do about it?
The only way to fight URL shortener spam is to use email security software that can handle URL shorteners. Spammers have quickly realized that using well known URL shorteners is useless against modern email security systems that can detect popular URL shorteners. Therefore, spammers have started creating their own URL shortening systems or using less known services.
Another technique used by spammers is a multi-level URL shortening. In other words, they shorten the final URL with shortener A. Then this shortened URL is fed into URL shortener B and so on. There is practically no limit on this. Why is this technique effective? Because many email security systems expand only the first URL. Thus, spammers can easily fool the system.
A bullet-proof solution to URL shortener spam
Actamos Email Security provides protection against URL shortening spam. Our Computational Heuristic Intelligence detects spam and phishing content no matter how strongly spammers obfuscate their URLs.
Are you ready to defeat spam once and for all? Start your 14 day trial and protect your business email from all kinds of cybersecurity threats. No credit card required. No catch, no strings attached.