We’ve all got a message from Twitter or Facebook spammers with a suspicious shortened link. But shortened links don’t always lead to viruses. So how can you spot the difference?
First, there are two people who use shortened links:
-Good people who want to show you something funny without using a big link or taking up lots of text
-Bad people who want to trick you into visiting a malicious website
Phishing filters and ad blockers often can’t detect or block a site through a URL shortener. That makes it difficult to determine whether your friend is sending you a legitimate link – or if they’ve just been infected by a virus.
The Obvious Solution is to Avoid All Shortened Links
Some people say the solution to this problem is easy: just never click on shortened links, right?
Well, that is one solution. But it’s not an ideal solution. Shortened links are ubiquitous on social networks. Twitter automatically shortens links when you type them into a tweet, for example.
Second, URL shortening services do take action against spammers and hackers. In a chat with YourSecurityResource.com, Bitly’s chief scientist Hilary Mason said the following:
“We take spam and malware very seriously. We make sure that people clicking on links that map to known malicious links see a very clear warning page.”
Now that you know that, here are some other ways to spot malicious links before you click:
How to Avoid Clicking on Shortened Malware Links
Step 1) Hover over the Shortened Link: This tip works well on Twitter. If you hover over a shortened link with your cursor, you can see the final destination address. If you want to do this outside of Twitter, you can find plugins for Firefox and Chrome that will let you do that.
Step 2) Use Websites to Uncover the Link for You: Visit www.KnowURL.com or www.LongURL.org to expand URLs and spot malicious websites.
Step 3) Use Google to Search the Subject: If you see something interesting in a shortened link, just Google it instead of clicking on it. You get to avoid the risky click through an unknown link and you still get to see whatever interested you in the shortened link in the first place.
Step 4) Update your Security Software: Okay, you should probably be doing this anyway. But make sure all your plugins and security software is updated. That way, even if the shortened link does contain malware, your security software should be able to fight it off.
Step 5) If It Sounds Too Good to Be True, then It Probably Is: Walmart is never going to give out $500 gift cards for free online. That hot girl in the bikini in the link picture probably isn’t going to get naked for you in the article. Use common sense and avoid being tempted into clicking on something stupid.
Ultimately, bad guys are banking on the fact that you won’t think before clicking on a shortened link. But remember: if it’s too good to be true, then it probably is. Especially on the internet.