Use caution when clicking shortened links on Twitter.

Status
Not open for further replies.

soccer97

Level 11
Thread author
Verified
May 22, 2014
517
The above source is an old link: I just needed one to make this post. It does contain some best practices though. The main source of this post is personal experience.

Please be careful when clicking the links on Twitter (t.co) and (bit.ly) redirects. I have had more than a few that have been sent to the security vendor for analysis after clicking on them. I am not referring to someone's personal tweet, but even several reputable companies' blogs' shortened hyperlinks have been automatically sent to the security vendor for analysis. I am only suggesting that you please be careful. Not all links are malicious, but watch what you click on with the shortened links.

These events have happened more frequently over the past 2 weeks, including the last few days.
 

Atlas147

Level 30
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 28, 2014
1,990
Unfortunately the shortened links mean that link checkers like VirusTotal won't be able to pick up on the malicious links behind them. My WOT always states green when it scans bit.ly or shortened Twitter links, but sometimes they lead to malicious or scam sites.

I've always had the idea for bit.ly and Twitter to implement their own scanners whenever someone uses their services, meaning that it would scan the link that everyone would be redirected to, to make sure that it's a safe site. It can be easily done by partnering up with one of the security vendors. What's more, ESET is already doing this, but they are also unable to scan past the bit.ly link, so if there is in fact malicious content behind them, ESET Social Media Scanner would not detect it.
 

soccer97

Level 11
Thread author
Verified
May 22, 2014
517
You can run it through VirusTotal, click on Additional Information and click the Sucuri and Quttera links.

1) Scan link through VTotal
2) Click Additional Information
Notice the box: Final URL after redirects (It also shows the site it redirects to!)
3) If you are still unsure you can scan that site, or click the Sucuri or Quttera links (I believe).

This is how I understand it. I could be wrong.
 

oneeye

Level 4
Verified
Jul 14, 2014
174
If you have Avast Mobile Security, and open the link in one of the covered browsers, then it will be scanned. What I do however, is I have an app called "app picker" which allows me to pick what browser to open the link in. After I click the shortened link, it is resolved and displayed with a list of my browsers. Then I can either open it, or reverse my way back. Works for me because I only open links from a Gmail feed of Twitter. Never use the app, and rarely online after setting everything up and making it as private as possible.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
If you have time to investigate those shortened URLs then much better, as you can check from many websites to reveal the actual direction you should have. However ..... people nowadays are really trigger happy, which shouldn't be surprising at all. ;)
 

JD15

Level 1
Verified
Jul 12, 2015
30
I had a tweet with a link from someone just yesterday saying (Haha is this you?). I clicked on the link and a fake Twitter signed-out (please log in) page opened! I checked the address bar and it was obviously not Twitter who logged me out, it was just some scam etc. web page! We all need to beware of such links.
 

soccer97

Level 11
Thread author
Verified
May 22, 2014
517
Whenever I come across a shortened link I always unshorten it using - http://unshorten.it/

I never trust shortened links as you never know what may be hiding behind them, but the above site is something really good to use if you're like me.

It even took you to the legitimate stated site, next thing I know, a strange temp file shows up in a notification saying it is being sent to my resident AV's department analysis. Maybe there are extremely brief redirects before the initial destination. Who knows.

I now just see who posted it, google the title of the post, and find the original link for the article or whatever. It's easier.
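A local way to see the "Final URL after redirects" and every intermediate hop mentioned in the posts above, as an added example that is not part of any post in this thread. It sends HEAD requests only, so no page body is fetched or rendered; the `example` hostnames and the `SAMPLE` table are constructed placeholders.

```python
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

def head_location(url, timeout=5):
    """One HEAD request; returns (status, Location). No body, nothing followed."""
    p = urlsplit(url)
    cls = http.client.HTTPSConnection if p.scheme == "https" else http.client.HTTPConnection
    conn = cls(p.netloc, timeout=timeout)
    try:
        conn.request("HEAD", (p.path or "/") + ("?" + p.query if p.query else ""))
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def trace_redirects(url, fetch=head_location, max_hops=10):
    """Return every hop as (url, status); the last entry is the final URL."""
    hops, seen = [], set()
    while len(hops) < max_hops:
        if url in seen:
            raise ValueError("redirect loop at " + url)
        seen.add(url)
        status, location = fetch(url)
        hops.append((url, status))
        if status not in REDIRECT_CODES or not location:
            return hops
        url = urljoin(url, location)  # Location may be relative
    raise ValueError("more than %d redirects" % max_hops)

def hosts_in_chain(hops):
    """Hostnames in order of first appearance, so intermediate sites stand out."""
    hosts = []
    for url, _ in hops:
        host = urlsplit(url).hostname
        if host not in hosts:
            hosts.append(host)
    return hosts

# Constructed redirect table (placeholder hosts) so the example runs offline.
SAMPLE = {
    "https://short.example/abc": (301, "https://tracker.example/r?id=1"),
    "https://tracker.example/r?id=1": (302, "/landing"),
    "https://tracker.example/landing": (302, "https://blog.example/post"),
    "https://blog.example/post": (200, None),
}
if __name__ == "__main__":
    print(hosts_in_chain(trace_redirects("https://short.example/abc", fetch=SAMPLE.__getitem__)))
```

Calling `trace_redirects(url)` without the `fetch` argument queries the real hosts. Only HTTP-level redirects are visible this way; a redirect done by JavaScript or a meta refresh inside the page will not appear in the chain.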
 