Short URLs in spam skyrocket
The Twitter effect
Agentless Backup is Not a Myth
Incidents of shortened URLs in spam messages have skyrocketed since the start of this week.
Email filtering service MessageLabs reports that more than 2.25 per cent of junk mail messages feature spamvertised links laundered through URL redirection services.
URL redirection services map between lengthy web addresses and shortened URLs. Such services are a vital adjunct to services such as Twitter, which restricts users to a 140 character message limit.
Spammers have begun using these URL shortening services because they help to disguise the true destination of promoted links, a factor which might go on to play a part in drive-by download malware attacks as well as already observed incidents of spam-promoted websites. URL redirection services require no registration, making their services more attractive for legitimate users and spammers alike.
"Donbot, the botnet responsible for sending approximately five billion spam messages every day, is one of the main culprits for using this technique," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec. "Links of any size all need to be treated with caution."
The security of URL shortening services was among the first issue put under the microscope by the Month of Twitter Bugs project. The security awareness raising exercise debuted on 1 July with an advisory on four cross-site scripting (XSS) vulnerabilities in the bit.ly URL-shrinking service.
Three of the flaws had already been plugged before the advisory, while the remaining vulnerability was fixed on the same day as the bulletin. ®
COMMENTS
Come on!
Don't click on links in email, simple as that! No reason to click on links in emails. End of story!
If it's something that interests me, then I will fire up the browser and manually type it in and do a search on the site in question. Yes, that might take longer, but then I weigh that against the time it will take to recover all my data and I think an extra 30 secs to check something out is preferable to several hours putting my machine back together.
Tinyurl preview
I enabled the preview setting for tinyurl as soon as I heard about it, and in my opinion they should make it the default setting. One more page load & click in return for knowing where you are about to be taken and being able to choose to hit the back button. But that FF add on looks useful, have installed, will check it out when I restart...
IT infrastructure monitoring strategies
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Data control in the cloud
Cloud based data management
Agentless Backup is Not a Myth
