Report: Spammers trap victims with URL-shortening sites

Posted by Radu Tyrsina

Shameless spammers are creating their own URL-shortening sites to elude anti-spam initiatives on the 'Net.

The sketchy sites - first reported in April 2011 by Symantec - allows spammers to avoid automatic filters and hide the fact that their misleading links lead to "dingy" websites.

For example, say a spammer wanted to lure victims to (the fictional) www.thebestsuperdrugs.com, a URL that would obviously be blacklisted by legitimate URL-shortening sites.

The spammer would run www.thebestsuperdrugs.com through its own shortener first, subsequently sending the "masked" URL to a legitimate site to be shortened yet again.

The final shortened URL would then be used as a "bait link" in a spam message.

If not intercepted by a spam filter, the message could be clicked on by gullible or inexperienced users - taking them to sketchy sites.  

Interestingly enough, (currently) all the URL-shortening sites attributed to spammers boast .ru in their domain names and are hosted in Russian and Ukraine.

[Via Network World]