Sophos and bit.ly – making short links safer

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

bit.ly logo
Here’s some good news if you’re one of the millions of people who have come to depend upon shortened urls in your day-to-day life.

bit.ly, isn’t just the default link shortening service used by Twitter, it’s also widely used on other social networking sites and communications as a handy way to shorten a link.

For instance, bit.ly will convert a link such as:

http://www.sophos.com/pressoffice/news/articles/2009/11/bit.ly-agreement.html

Sign up to our free newsletter.
Security news, advice, and tips.

to the much more manageable:

http://bit.ly/8JYaoV

Today, bit.ly announced that it was partnering with Sophos (and our friends at Verisign and WebSense) to offer additional protection to users clicking on short bit.ly links to defend against the possibility of them visiting a webpage created by spammers or phishers, or infected with malware.

Cybercrime on social networks

And that’s important, because our research shows that spam, malware and phishing is far from uncommon on social networks.

bit.ly already does some great work filtering links to see if they might be malicious or objectionable, and provides the ability the users to preview the final destination of the link by adding a “+” to the end of any bit.ly URL, but partnering with security vendors such as Sophos should offer an even higher level of protection in future.

Malicious tweet spread via Guy Kawasaki's Twitter account

Of course, it shouldn’t be forgotten that bit.ly is just one of many URL-shortening services out there – and I’m not aware of any which are currently working as hard to fight the bad guys as bit.ly are. It’s possible that the cybercriminals might switch their focus to other less well-known URL shorteners when planting traps for unwary users – so now is not the time to let your guard down.

You can read the corporate propaganda from our PR folks about the partnership here.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.