Spammers Create Their Own URL Shorteners To Pump Out Junk Links

Brad Chacos

Don’t click on suspicious links from unknown sources. We know you know, but the rise of link shortening services like make it next to impossible to know where you’re being directed half the time, especially on Twitter. Unfortunately, spammers have caught on to the fact (C’mon, it was only a matter of time). Legitimate link shorteners have been doing a good job of eliminating malicious links, but a new report says that a gang of spammers have set up 87 URL shortening sites and are using them to flood inboxes around the world with junk.

The spammers are using open-source URL shortening scripts to power the sites, all of which use the .info domain, Symantec senior software engineer Nick Johnston explains in the company’s October Intelligence Report . The good news is that the spammers have stuck to using the shortened links in junk emails rather than posting them on the web or social media sites – at least thus far – and the messages reek of spaminess, with blank or generic subjects and little verbiage other than the shortened URL in the body itself, which makes them easy to identify for us Net savvy types.

Symantec is already trying to have the spam gang’s URL shorteners removed. “The domains used for the URL shortening sites all have the same contact information, with all contacts based in Moscow,” Johnston writes. “The domains are all hosted by a UK subsidiary of a large hosting company. We have informed the company.” Even if the hosting company takes these particular sites down, Symantec expects spammers to continue creating similar services in their quest for your credit card info.

Around the web