I’ve explained my hatred for URL shortening services in the past and it seems that hatred continues to be justified. I feel that URL shortening services are a security threat as they prevent a user from knowing where a link will actually take them. This is why I have a policy on this website to delete any and all comments that continue a link to a URL shortening service. Well it appears as through spammers are now using their own shortening services:
Under this scheme, shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites.
These shortened URLs lead to a shortened-URL on the spammer’s fake URL-shortening Web site, which in turn redirects to the spammer’s own Web site.
This shouldn’t come as a surprise to anybody. The obvious danger here is a link that appears legitimate (a known URL shortening service link) could redirect you to a spammer controlled shortening service link which could redirect you to a site that attempts to compromise your computer.
Before anybody brings this up I do realize that my Twitter feed uses a URL shortening service. I can’t do anything about that and if you don’t like it then subscribe to the RSS feed instead like normal people.