Are Shortened URLs Safe?

Posted on: August 13, 2013 | By: Christina Bonds | Filed under: Info Security

shorturl

A URL shortener service takes a long URL and turns it into a short URL that is both clearer to read and more user friendly.  Shortened URLs can mostly be found on social networking sites such as Twitter due to its character limit per message.  By using a short URL, the rest of the characters left can be used for the actual message.  In my Think Before You Click post I talked about hovering over a link to reveal its actual destination.  However, hovering over a shortened URL does not tell you where the link will take you.  You may recognize www.elon.edu/e-net as being a safe site to visit but what about http://bit.ly/17AZ0YH or http://goo.gl/9OvBAa?

What is the risk?

If you can’t discern where a shortened URL is going then there is the risk that the destination URL is a malicious URL.  It is also hard for email spam filters to know the destination thus adding the possibly unsafe emails straight to your inbox.  So, should you avoid clicking on all shortened URLs?  Thankfully, the answer is no.  Many URL shortening services have a way for you to preview the destination URL before you actually go there, similarly to the QR code apps presented in the Where is this QR Code taking me? post.

How to see before you click

Bit.ly and goo.gl shortened URLs can be previewed by placing a plus (“+”) sign after the short URL.  For example,  http://bit.ly/17AZ0YH can be changed to http://bit.ly/17AZ0YH+  and  http://goo.gl/9OvBAa can be changed to http://goo.gl/9OvBAa+.  Try them yourself in different browsers.  Are you able to see where they are going to take you?

The how to preview shortened URLs web page shows how other URL shortener services offer a similar preview.  You can also use the following sites to expand shortened URLs.  Try it out!

Next Tuesday’s Topic:  Public Wi-Fi

Christina Bonds

Christina Bonds, CISSP, is an Application Developer at Elon University

More Posts

 

Comments are closed.