News Reviews How-To's Downloads Shop & Compare Apps Business Center NEW Android App Guide iPhone App Guide All PCWorld Blogs » All PCWorld Videos » 
Cameras 
Camcorders 
Cell Phones 
Components 
Desktops 
HDTV 
Home Theater 
GPS 
Laptops 
Monitors 
MP3 Players 
Networking &Wireless
Printers 
Storage Software Antivirus & Security Browsers & Add-ons Operating Systems Multimedia Utilities Games Popular Topics Consumer Advice Gadgets Gaming Macs & iPods Mobile Security Tech Industry Tech Events Upgrading Windows 7 Featured BrandsShop Acer ProductsAMD Guide to Visual ComputingCisco Small BusinessDell Alienware: Prepare YourselfDiscover HP Printing SolutionsSave 50% Per Color PrintWorld's First Web-Connected Home PrinterShop Lenovo Laptops 
MagazineSubscribe & Get a Bonus CD Customer Service
Discover news, guides, and products for your business
Software & ServicesOffice HardwareSecurityServers & StorageCell Phones & MobileOperating SystemsNetworking & VOIPVirtualization
Follow us 
Feeds & Newsletters function submitNewsletterSubscriptionHeaderModule(){var postData=$("#newsletterModuleForm").serialize();var requestOptions={url: '/newsletters/pcw_module_processor',data: postData,success: function(data,textStatus){$("#newsletterSubscribeHeader").fadeOut("slow",function(){$(this).html(data).fadeIn("slow");})}};$.ajax(requestOptions);} 
Security AlertPractical security advice » More Security Alert » RSS » All Blogs Tweet 0 Comments+0 RecommendsEmailPrint Business Center Beware Goo.gl Fake Antivirus Worm on TwitterBy Tony Bradley, PCWorld
Twitter and Twitter users are being targeted by a malicious worm. The worm sends out tweets with a goo.gl shortened URL link directed to a rogue antivirus application. The attack demonstrates once again how URL shortening can be a Pandora's box as users click on links with no clue where they might lead.
Similar Articles:
Google Launches API for URL ShortenerGoogle Releases API for Its URL Shortener
4 Ways Google's Goo.gl URL Shortening Service Can Best the Competition Shorten URLs With an Automator Service
Twitter to Roll out Automatic Link Shortening Service
Tr.im is Gone, Will Link Rot Ensue?A post on Naked Security by Sophos' Graham Cluley describes the threat. "Thousands of Twitter users are finding that their accounts have been tweeting out malicious links without their permission, pointing to a fake anti-virus attack," adding, "A quick search on the popular micro-blogging network finds many tweets from users containing no message other than a goo.gl shortened link (Google's equivalent to bit.ly or tinyurl), which itself points to a URL ending with "m28sx.html".
Attacks hiding behind shortened URLs are not new, and are also not technically challenging to execute. By their very nature, URL shortening services like goo.gl and bit.ly take cumbersome, long URLs and condense them down to a nice, short alias that can be used in its place. The concept makes it much easier to send some exceptionally long links, and is a necessity for a site like Twitter which caps messages at 140 characters.
Adam Wosotowsky, principal researcher at McAfee Labs, explains, "Shortened URL sites are not 100 percent malicious, so blocking the domain completely can cause false positives, which is something researchers try and avoid. Goo.gl is an example of a site associated with Google, so blocking the domain may be frowned upon by Google, allowing the spammer to continually abuse the site."
Wosotowsky elaborates, "As we stated in our 2011 Threat Predictions, we currently track and analyze--through multiple social media applications and all URL shortening services--more than 3,000 shortened URLs per minute. We see a growing number of these used for spam, scamming and other malicious purposes, and we expect to see shortened URL abuse invade all other forms of Internet communications."
Shortened URLs provide attackers a simple, and commonly accepted means of obscuring malicious links. McAfee recommends using its proprietary URL shortening service--mcaf.ee. McAfee's shortened URLs are scanned and filtered to weed out malware. Of course, you can't really control what URL shortening service other people use to send links to you.
To avoid falling victim to Trojans, drive-by downloads, and other malicious attacks hiding behind innocent-looking shortened URLs, try using a tool like Tweetdeck that offers an option to reveal the full-length link behind the shortened URL before visiting it.
Was this article useful? Yes 0 No 0#resourceLinks li {display: none;}Sponsored Resource:Find your perfect All-in-One printing solution from HP.Read more like this: phishing, trojan horses, Twitter
You can follow Tony on hisFacebook page, or contact him by email attony_bradley@pcworld.com. He also tweets as @Tony_BradleyPCW.
Add YoursComments Readers reply with their ideas and expertise.Subscribe to this discussion via email or RSSWhat do you think? Connect with Facebookwindow.onload = function(){ if (displayFBConnect()){$(".fb-login").show();$(".fb-connect-txt").show();}};function displayFBConnect() { var display = (Logon.isValid && FB.Connect.get_loggedInUser())?false:true; return display;} Posting comment ... Breathtaking 3D Laptop
Play games, watch movies and view photos - all in 3D.
See it here.Business News DailyGet the latest technology news that's important to you and your business, fresh seven days a week.
function submitNewsletterSubscription(){var postData=$("#newsletterModuleForm").serialize();var requestOptions={url: '/newsletters/pcw_module_processor',data: postData,success: function(data,textStatus){$("#smbRightSubscribe").fadeOut("slow",function(){$(this).html(data).fadeIn("slow");})}};$.ajax(requestOptions)} Best Prices on Security Software Most Popular All Categories
Total Protection 2011 - 3 Users$21.88 and upSee All Prices
Norton Internet Security 2011 - 1 PC (OEM)$18.00 and upSee All Prices
Norton Internet Security 2011$28.94 and upSee All Prices
Norton 360 v.4.0$36.00 and upSee All Prices LaptopsUnder $500$500 to $1000$1000 to $2000$2000 to $3000Over $3000DesktopsUnder $500$500 to $1000$1000 to $2000Over $2000PrintersInkjetB&W LaserColor LaserPortable AudioMP3 PlayersAccessoriesDigital CamerasCamerasLensesAccessoriesSoftwareDesign & MultimediaBusiness Productivity UtilitiesOperating SystemsMonitors18 to 19 Inches20 to 21 Inches21 Inches & UpCamcordersCamcordersBatteries & PowerBags & CasesTelevisionsPlasma & LCD ProjectionTV Accessories & MountsStorageHard DrivesFlash MemoryDVD-ROM/DVD Writers See all Best Prices on Security SoftwareSee also:Best Prices on Antivirus Software Latest in Business Center Blogs
Net Work - January 22, 2011 5:25 AMPlayboy on iPad Uproar Misguided and Uncalled ForControversy over Playboy on the iPad is just silly--porn and graphic nudity are already available on the tablet despite Apple's efforts.
Security Alert - January 21, 2011 2:53 PMDon't Fear the Android Security BogeymanAn ingenious piece of Android malware can steal credit card details from your smartphone, but it doesn't signify a security apocalypse.
Security Alert - January 21, 2011 2:51 PMBeware Goo.gl Fake Antivirus Worm on TwitterA worm is spreading on Twitter using goo.gl shortened URLs to direct users to a malicious fake antivirus site.
Linux Line - January 21, 2011 12:16 PMiPad Lookalike Dual-Boots Ubuntu and WindowsFeaturing a 9.7-inch screen, the new tablet is thin and designed much like Apple’s market-leading device, according to reports.
Security Alert - January 21, 2011 9:24 AMMcDonald's Phishing Scam: I'm Not Lovin' ItA phishing scam is circulating under the guise of a McDonald's survey with a $250 award for participating.
Net Work - January 21, 2011 6:19 AMVerizon Challenges FCC Net Neutrality AuthorityVerizon filed a lawsuit seeking to overturn the FCC net neutrality rules on the grounds that it oversteps FCC authority.
All Blogs » Top Small Business Ready Products
Lenovo ThinkPad W701ds 272 people want this 
HP EliteBook 8440w 230 people want this 
Lenovo ThinkPad X100e 205 people want this 
HP ProBook 5310m 178 people want this 
Lenovo ThinkPad SL510 (2847-22U) 152 people want this See all Featured Webcasts 
Top 10 Concerns of Buying a VoIP Business Phone System Type: whitepaper
Company: CompareBusinessProducts.com
Categories: VOIP
Buying a Phone System? Compare the 94 Business Phone Systems in One Chart Type: whitepaper
Company: CompareBusinessProducts.com
Categories: VOIP
More webcasts » Free Whitepapers
Software and Services Whitepapers from PCWorldMore whitepapers » Whitepaper AlertsGet updates on white papers, case studies, and spotlights on tech products and solutions for your business.
function submitNewsletterSubscriptionWhitepaper(){var postData=$("#newsletterModuleFormWhitepaper").serialize();var requestOptions={url: '/newsletters/pcw_module_processor',data: postData,success: function(data,textStatus){$("#smbWhitepaperAlert").fadeOut("slow",function(){$(this).html(data).fadeIn("slow");})}};$.ajax(requestOptions)} More from the PCWorld BusinessCenter
Hackers Steal $150,000 With Malicious Job Application 
Google Android Power Tips: Master Froyo and Gingerbread 
Five Open Source Network Management Projects to Watch 
2011: The Year Personal Computing Will Reinvent Itself 
Smartphone Security: How to Keep Your Handset Safe 
RIM to Block Access to Porn on BlackBerry in Indonesia 
It's a Mad, Mad 4G World at CES 2011 
15 Sizzling Smartphones of CES 2011 
4G Smartphones and Tablets Take CES 2011 By Storm 
PCWorld.com is the Web's trusted resource for management-level buyers and users of technology products, reaching an average of more than 11 million unique visitors per month (HitBox, January - June 2009).
More About Us » FAQ »ResourcesTwitterRSSNewslettersContact UsMagazine Customer ServiceAdvertiseNetworkPCWorldPCWorld Business CenterSearch for JobsMacworldMacUserMac OS X HintsiPhone Central
NameCityAddress 1StateZipAddress 2E-mail (optional)Canadian Residents | Foreign Residents | Gift SubscriptionsCustomer Service | Privacy Policy© 1998-2009, PCWorld Communications, Inc. Terms of Service Agreement Privacy Policy Community Standards
No comments:
Post a Comment