URL Shortened Spam Continues to Grow

By Matthew Harwood

Spammers are increasingly using url shortening services to disguise links in spam and lure e-mail users to click on links they normally wouldn't, according to MessageLabs Intelligence.

The rate of spam containing shortened urls has risen dramatically over the past year. MessageLabs Intelligence's July report (.pdf).estimates that 1 in every 1,769.2 spam messages contained a shortened url in the first half of 2009. By first of half of this year, one in 76.3 spam e-mails contained a shortened url.

This trend, according to MessageLabs, "heralds a summer of URL shortened spam."

Shortened urls are a natural outgrowth of the rise of social networking and micro-blogging services like Twitter, which have made online messaging more economical. Just like a SMS text message, microblogging services limit the number of characters used for one message. Twitter, for example, allows 140 characters. Many people use microblogging to advertise different things around the Web, but urls can often be long and unwieldy. Thus was born the service of url shortening, which allows a user to convert a very long url into a super short one, thus conserving characters for actual messages.  (For example, the url for this post is /news/url-shortened-spam-continues-grow-007407. After I plug it into, a url shortening service, it becomes this:

According to MessageLabs, it was only natural for spammers to latch onto free url shortening services.

"The use of free URL redirection services are popular with spammers because they are used to turn lengthy website addresses into shorter hyperlinks disguising the real destination and diverting any concerns regarding legitimacy of the link using these reputable domains," the July report said.

(For more on the sharpness of spammers, see "Learn the Words Spammers Use to Lure You in.")

Other highlights from MessageLab's July report include:

Spam – 88.9% in July (a decrease of 0.4 percentage points since June)
Viruses – One in 306.1 emails in July contained malware (a decrease of 0.04 percentage points since June)
Phishing – One in 557.5 emails comprised a phishing attack (an increase of 0.02 percentage points since June)
Malicious websites – 4,425 websites blocked per day (an increase of 176.9% since June)
• 30.5% of all malicious domains blocked were new in July (an increase of 0.2 percentage points since June)
• 13.0% of all web-based malware blocked was new in July (an increase of 0.5 percentage points since June)

♦ Photo by bpedro/Flickr


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.