Symantec: Spammers Enticing Victims With Shortened URLs

Symantec’s October Intelligence Report, released Tuesday, shows spammers increasingly embedding shortened URLs in e-mails in an attempt to lure people to malicious Web sites.

“It’s definitely a problem,” Steven Snider, president of Symantec reseller Cadre Information Security, based in Cincinnati, said. Although URLs in spam mail has been used for more than a dozen years, it remains a major security risk, he added.

Spammers are benefiting from people’s growing comfort with shortened URLs, which are a staple on social media, such as Twitter and Facebook, according to Symantec. The truncated URLs are often embedded in e-mails with subject lines meant to attract attention, such as: ‘It’s a good thing you came” or “It’s a long time since I saw you last.” The tactic arouses curiosity, while the URL leads the victim into believing the message is from a social network.

This month, Symantec found at least 80 URL-shortening sites operated by a singly spam gang. The sites, all public, used a similar naming pattern and the .info top-level domain.

id
unit-1659132512259
type
Sponsored post

Symantec guesses spammers are building their own sites, because legitimate services are getting better at detecting criminal elements and malicious URLs. What isn’t clear is why they would make the sites public. “Perhaps this is simply due to laziness on the spammers' part, or perhaps an attempt to make the site seem more legitimate,” Paul Wood, senior intelligence analyst at Symantec, says in the report.

Whatever the reason, URL-embedded spam is everywhere. Last year, 92 percent of spam e-mails had URLs and the move to shortened URLs makes it easier to conceal the malicious site destination and adds to the difficulty of blocking such sites with anti-spam technology, Symantec says.

The report also found that the number of Web-based malware threats dropped 4.3 percent from September. Symantec found an average of 3,325 sites each day hiding malware, spyware or adware. The security vendor said the amount of e-mail-borne spam, phishing and viruses dipped less than a percentage point from last month.