Kaspersky Uncovers Threats Behind Shortened URLs. Shortened URLs have become an indispensable part of today’s online experience. Many internet users click on links generated by URL shorteners like bit.ly or ow.ly without a second thought.
However, shortened URLs can pose significant privacy and security threats that are often overlooked. Kaspersky sheds light on why it’s important to be vigilant against such links and how individuals and businesses can protect themselves from potential dangers.
Shortened URLs make internet browsing and messaging easier and faster, especially on mobile devices. They also enhance social media posts by overcoming character limitations.
Most people automatically copy and paste shortened links, and most URL shortening services allow users to customize the ‘new’ web address. However, this is where the problem lies. Unlike traditional URLs, a shortened URL doesn’t allow users to hover over it to see the actual web address. Therefore, in most cases, users cannot be sure what awaits them at the other end of a shortened URL until they click on it.
If cybercriminals exploit a zero-click vulnerability in a web browser, an infection can occur as soon as a user accesses a malicious website. Cybercriminals can also use URL shortening tools to change the destination address when necessary. For example, if attackers send phishing messages containing a link, but the phishing site they created for landing is blocked, they can use URL shorteners to easily redirect to a different address. Often, multiple redirects are used to further obfuscate tracks.
Some URL shortening tools allow tracking of actions taken by users who click on the link, effectively acting as a middleman service that intercepts all data exchanged between the user and the target site. Thus, URL shorteners can potentially capture entered credentials, social media messages, and more. Moreover, these links can be used for doxing and other tracking types if the URL shortening service offers advanced functionality.
In many cases, publicly shared shortened links are placed in social media posts or web pages. However, if sent to a user personally – in a messaging app or an email sent to a personal or work address – additional risks arise.
By using such links, an attacker who has already collected some information about the user can redirect the potential victim to a phishing site where some personal data is pre-filled. For instance, to a copy of a banking site requesting a valid username and password or to a service asking for a security code and containing a pre-filled personal bank card number.
Not clicking on shortened URLs is not an option, considering how ubiquitous and useful they have become. Often, URL shorteners are used for legitimate purposes and are entirely safe. However, as threat actors seek to exploit the trust people place in a service, user vigilance becomes crucial.
One easy way for users to examine a suspicious link is to copy and paste it into a tool like GetLinkInfo or UnshortenIt. While users may opt to install a security solution like Kaspersky Premium for their personal devices, organizations may choose an appropriate Kaspersky Next layer.
Such solutions alert users before they access a dangerous website, even if the link is shortened, and provide protection against attempts to infect their devices with malware, including exploiting unknown vulnerabilities.
Kaspersky’s Global Research and Analysis Team (GReAT) Security Researcher Mert Değirmenci says, “The best defense against the cyber threats posed by shortened URLs is user awareness and attention, coupled with a comprehensive security solution.
Many cybersecurity breaches stem from human errors and social engineering techniques, so people need to be educated, and organizations should evaluate regular training programs, like Kaspersky Automated Security Awareness Platform, to empower employees with the knowledge and skills needed to protect a company’s data and sensitive information from hacking, phishing, or other breaches.”