Network News

X My Profile
View More Activity

Spam Spotted Using TinyURL

A co-worker yesterday forwarded to me a piece of junk e-mail he'd received that used a clever yet simple method for not only getting around spam filters, but also obfuscating the destination Web site.

The hyperlink to the spam site was made with TinyURL, a free Web redirection service that has long helped people shrink overly long Internet addresses into ... well, tiny ones. I've used it countless times in the past to forward links to friends in e-mail or documents when for some reason the link is so long that a line break renders it unusable.

I've expected to see TinyURL links used in spam for some time, but this is the first actual e-mail I've looked at that contains one. Since many e-mail and instant message worms depend on people clicking on links, TinyURL would be a great way to spread malware as well.

As you might expect, using TinyURL to send either spam or malware is strictly against the company's terms-of-use policy, and it seems to enforce those rules pretty vigorously. I was happy to see that when I clicked on the link in a test system this morning, TinyURL had disabled it, leaving the following message:

"The TinyURL (mmv9a) you visited was used by its creator in violation of our terms of use. TinyURL has a strict no abuse policy and we apologize for the intrusion this user has caused you. Such violations of our terms of use include:
* Spam - Unsolicited Bulk E-mail
* Fraud or Money Making scams
* Malware
* or any other use that is illegal."

Hooray for TinyURL. Keep up the good work, and thank you for a very useful service.

By Brian Krebs  |  June 13, 2006; 9:54 AM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Yahoo Webmail Worm on the Loose
Next: 12 Microsoft Patches Plug 21 Security Holes

No comments have been posted to this entry.

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company