URL shortening: Social engineering attack vector

URL shortening is a technique on the World Wide Web in which a provider makes a web page available under a very short URL in addition to its original address.

For example, the page http://blog.chackraview.net/2010/01/19/operation-aurora/ can be shortened to http://bit.ly/5RJICq

As web clients tend to pass more and more data in the URL when communicating with the web server, URLs have become ugly and difficult to recall.
IM clients, and especially social networking and micro-blogging clients such as Twitter, are making URL shortening more and more popular.

URL shortening service providers keep a one-to-one mapping of long to short URLs; that is how the web client gets redirected to the actual website.

Following are the most popular URL shortening service providers available.

In a way, URL shortening has given end users the freedom to cut down the length of long URLs and make them human-readable, but on the other hand it can lead to sophisticated attacks.

Confused? Let me explain how.

URL shortening is a special form of URL redirection: the short URL redirects the web client to the actual long URL. A short URL hides its target, which can be absolutely anything, including a bank phishing site or another malicious website. You will never know unless you actually visit the page.

The Symantec Security Response team has created a short video on the malicious use of URL shortening services. It shows how a user can be fooled into downloading rogue antivirus software by making it look as if his PC is infected.


This can happen to any of us unless we take the necessary precautions.

Precautions:

We can install the following plugins for our browsers:

  1. “bit.ly preview” plugin for Mozilla Firefox
  2. “Bit.ly” extension for Google Chrome

These plugins display a tooltip showing the page title, the long URL and any click data bit.ly holds about the page the short URL links to, whenever you hover over a bit.ly URL on any web page.

bit.ly plugin configuration

To use these plugins you need a valid username and API key from the bit.ly service. You can register on bit.ly for free and use your API key to enable this feature.

bit.ly plugin showing long url corresponding to the short one.

This way, at least we can see where we may be redirected to. This is not a foolproof solution, but it will at least reduce the chances of falling prey to such social engineering tricks.
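As an added example (not part of the original post and not the bit.ly plugin's own code), the script below does what the preview plugins do from the command line: it asks the shortener for its Location header with a HEAD request instead of visiting the destination, follows chains of known shorteners, and never contacts the final, unknown host. The shortener host set, the local stand-in server and all URLs are constructed assumptions for testing.

```python
import http.client
import http.server
import threading
from urllib.parse import urlsplit, urljoin

REDIRECT_CODES = (301, 302, 303, 307, 308)

def _head(url):
    """Send one HEAD request and return (status, Location) without following it."""
    p = urlsplit(url)
    conn_cls = http.client.HTTPSConnection if p.scheme == "https" else http.client.HTTPConnection
    conn = conn_cls(p.hostname, p.port, timeout=5)
    path = (p.path or "/") + ("?" + p.query if p.query else "")
    try:
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def expand_short_url(url, shortener_hosts, max_hops=5):
    """Return the redirect chain starting at `url`, querying only hosts listed in
    `shortener_hosts` (e.g. {"bit.ly"}). The final destination is reported but
    never contacted. Stops after max_hops so a redirect loop cannot hang us."""
    chain = [url]
    for _ in range(max_hops):
        if urlsplit(chain[-1]).hostname not in shortener_hosts:
            return chain  # not a shortener we trust to ask: stop here, do not fetch
        status, location = _head(chain[-1])
        if status not in REDIRECT_CODES or not location:
            return chain  # the shortener answered directly (e.g. its own preview page)
        chain.append(urljoin(chain[-1], location))
    raise RuntimeError("redirect loop or too many hops: " + " -> ".join(chain))

def start_fake_shortener(target):
    """Constructed stand-in for a shortener (assumption, for offline testing):
    a local HTTP server that answers every HEAD with a 301 to `target`."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_HEAD(self):
            self.send_response(301)
            self.send_header("Location", target)
            self.end_headers()
        def log_message(self, *args):
            pass  # keep the test output quiet
    srv = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return "http://127.0.0.1:%d" % srv.server_address[1]

if __name__ == "__main__":
    inner = start_fake_shortener("http://destination.invalid/long/page")
    outer = start_fake_shortener(inner + "/x1")  # shortener pointing at another shortener
    print(" -> ".join(expand_short_url(outer + "/5RJICq", {"127.0.0.1"})))
```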

Stay safe !!!

References:

  1. Bit.ly Preview firefox plugin
  2. Bit.ly google chrome extension

Note: The plugins mentioned above can map short URLs from bit.ly only. I am not aware whether there are similar plugins for the various other URL shortening services.


One Response to “URL shortening: Social engineering attack vector”

  1. vikas bhawar Says:

    Thanks very much for such helpful information !! :)

    I have installed this plug-in on my PC.


This entry was posted on Friday, January 29th, 2010 at 12:54 am and is filed under HOWTO's, Information Security, Web Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
