In yet another piece of anecdotal evidence of the increasing threat from shortened URLs, e-mail security provider MessageLabs said on Tuesday it saw a dramatic spike in the number of spam e-mails that include truncated Web addresses.
Shortened URLs, which allow spammers to hide the real Web address from Web surfers and are commonly used on social media sites like Twitter where message character length is restricted, began a sharp rise last week and now appear in more than 2 percent of all spam caught in the company's spam trap, according to MessageLabs.
"Usually when we see a spike of this nature it tends to indicate that a spammer has found some method of automating the creation of these short URLs," said Matt Sergeant, a senior antispam technologist at MessageLabs.
The many URL shortening services make it more convenience to post long URLs on sites like Twitter, but they also make it easy for attackers to lead Web surfers to sites hosting malware.
A major spam botnet called Donbot has aggressively moved to using this technique, Sergeant said. Donbot appears to be primarily focused on displaying advertisements, but could be linking to sites that drop malware onto visitors' computers too, he said.