shortened links can put your identity at risk: What you need to know -
We've probably all seen shortened links on social media. You know, the ones that are usually less than 10 characters and start with bit.ly or ow.ly. Although these links may have their advantages, such as giving Twitter users some additional characters to work with, it is that they also have a major fall. A recent study revealed that the shortening of URLs (with services like Bitly, TinyURL or Hootsuite) before sharing them with others could be you and your information endangering. Throughout the yearlong study by security researchers Martin Georgiev and Vitaly Shmatikov explored how easy it is to access information in the storage cloud services and services based on location at the use of shortcut links. Does this mean that you must stop using the shortened URLs completely? We look at how the shortened URL expose your information to help you decide.
Why people use shortened URLs?
Many people prefer to use shortened URLs when sending links by email, text message, IM or social media. For example, if you send a link to a private album of baby photos to your parents and the standard URL is something like http://mybaby.com/sams_first_birthday_party_spring_2016_23_04, you can use a link shortening site create a much more condensed link as http://bit.ly/1W0RD69. Many times people opt to shorten a link, because there are restrictions limit characters, which means that the original link can be cut in the text message, or they prefer the cleaner look of a link more short. Although a shorter link is easier to send, it may not be the safest way to share, particularly regarding the information or photos you want only a few people to see, such as family members or colleagues.
Why are shortened URL risky?
Because the URLs are shorter, it is easier for hackers to try different combinations of characters and made the right guess, because the shortened links contain much less characters than standard links. In other words, similar to the threat with short passwords, plus the URL, the easier it can be guessed, exposing the contents of this specific link. This is particularly worrying for those who share private links between trusted friends, family members or colleagues because the information is accessible by almost anyone who guesses the shortened URL. Hackers can also use the short URL to inject malware invisibly in your files, copying personal files and steal personal information on the site.
Another way that shortened URLs can jeopardize your privacy, which is not mentioned in the study, is that you can never really know which site to link will take you to court. For example, if a friend sends you a short link to their Facebook page, you do not know where the link can take you because it does not include the domain name facebook.com as a traditional link. While this may not be a problem when communicating with friends and family, who send you safe links, it can be difficult to determine whether shortened links from someone you do not know, including e -mail marketing of a company or organization, are legitimate because you can not check where they lead you until you click on them, which could cause you to fall for a phishing scam .
shortened URLs may expose other information?
Results of the study of shortened URLs also showed that hackers can expose documents stored on cloud storage services. Here's how: cloud storage services like onedrive, Georgiev and the Microsoft Shmatikov tested, allow almost all files (PDF, Microsoft Word files, spreadsheets, and multimedia files) to share via shortened URLs. As we described above, if an attacker is able to guess the URL, they will be able to view the file. What's worse, during the test of the researcher, not only were they able to access these files by guessing the URL, but they also found that 7% of their accounts accessible capacity allowed to write or edit these documents, which means they could have easily injected malware files and folders without the sender or recipient know. This is a big concern for personal file sharing, like photos of family or school work, as well as companies using the cloud storage business because they can share files with sensitive materials in the cloud someone a.
Another source of concern is that shortened URLs also have the opportunity to exhibit the physical locations of people (including their home addresses). In their test, the researchers were able to guess the shortened URL for Google Maps, which exposed the popular destinations and departure points. The researchers also found that for once they had the home address of someone used on maps, they could just plug this information into a Web search and pull up the owner's information which included names, telephone numbers and age of people living in that particular address.
What can I do to protect myself?
Although Microsoft and Google have taken preventive measures since the publication of the study to improve the way they shorten the URL (or URL shortcut off completely), it is important that you also do your part to protect you, as you can never be too safe when it comes to protecting your information online. The best way for you to avoid the risks of shortened URLs is to stop using them altogether. While this may cause you some inconvenience, it is worth the safety. Similarly, you can get help from an Internet security software, which can help you identify and remove any files that contain viruses, spyware and adware - something that can be useful if you receive a file infected with a colleague or friend. Also, you'll want to make sure to take preventive measures, such as updating applications or software on your device and change your passwords regularly, which are usually your first defenses a threat online. If you choose to share, make sure to disable any setting that would allow others to write or edit documents to prevent malicious software from being attached.
Follow our Internet security software blog to learn other ways you can keep your devices and safe identity.
0 comments:
Post a Comment