Tricks and no Tweets: Why Malware-Laced Links on Twitter Should Scare You
Twitter is one of the most victimized social networks around due to the large percentage of malware laced URLs included in various tweets. This Halloween season many of us will get tricked instead of tweeted if we are not careful.
The "tricks" that users have been reporting on Twitter as of late are messages that include malicious URLs that continue to circulate on Twitter. One security research firm, Kapersky Labs, basically agrees that as many as one in every 500 address, or URLs, posted on Twitter lead to a site that hosts malware. That is outrageous considering Twitter has almost 50 million users and continues to gain millions of new users each month.
Have you ever received a direct message on Twitter that claims to have found you in a video or a tweet and the message says something as simple as "lol this is funny"? Well, many of those types of messages include a malicious link within them that entices a computer user to click on it, only to find out that they are redirected to a site that serves up malware.
According to Kaspersky, roughly 26% of Twitter messages contain a URL. Out of those 26% of Tweets that have a URL, about half of them appear to be created by a combination of spammers, hackers and those who have a malicious intent to cause harm to the message recipients.
Table of Contents
What are these malicious URLs found in tweets and what do they look like?
As you may already know, Twitter messages that have a URL included in them hardly ever include the full URL path that you will be taken to. Instead, there are different shortened URL services available at Twitter users' disposal since Twitter only allows tweets to be 140 characters long. Usually a malicious link behind a shortened URL is never discovered to be malicious until the damage is done. A hacker can shorten virtually any URL without any indication of it hosting malware on the linked site. That does not mean every "bit.ly" or "tinyurl" link that you see on Twitter is malicious, it means you have no way of knowing if it is safe unless you take the extra step and click on the link. An example of a Twitter message with a malicious link is shown on the Figure 1 below.
Figure 1. - Malicious Twitter tweet with a link to a fake video web page. [source: PCMag]
In August of 2009, Twitter started using a Safe Browsing API, or filtering system, developed by Google that detects malicious URLs. Since then malicious URLs are still falling through the cracks. Even though Twitter has taken, what seemed to be at the time, the necessary precautions to limit malicious URLs from being part of messages, hackers and spammers have found a way to bypass the filtering system with the use of URL shortening services.
How can I preview a shortened URL before clicking on it?
Shortened URLs are not going to magically disappear any time soon so previewing a shortened URL is a wise decision considering the massive amount of malicious links that are circulating on Twitter. We recommend utilizing one of two utilities, TinyURL Decoder or Untiny. Both services are able to extract the original URL from the shortened version so you are able to find out what site you would be heading to once the link is clicked on. Better yet, Untiny has a Firefox plugin that can be installed to offer the service on the browser search bar. Both TinyURL and Untiny cover the majority URL shortening services including Bit.ly and tinyurl.
Trick or Tweet?
Have you ever clicked on a shortened URL and ended up on a malicious site? If so, you can view our Top 6 Crucial Tips to Avoid Malware via Twitter and share your story with us in the comment area below.