Bit.ly boosts malware protectionDecember 1, 2009 – 6:09 PM
For the security-conscious, those shortened URLs on Twitter can be unnerving. After all, where is that shortened URL really taking you? This summer, security vendors documented how spammers and phishers were exploiting URL shortening services to try to trick users into visiting sketchy sites. On Monday, one URL shortening service provider, bit.ly, made an announcement that promises some security relief on this front: it plans to integrate security services from VeriSign, Websense, and Sophos to boost its defenses against malware and spam.
In a blog post, bit.ly said it will use VeriSign’s iDefense IP reputation service to detect URLs, domains and IP addresses that host malicious code. It will also use the Websense Threatseeker Cloud service to catch spam by analyzing bit.ly links in real time, and Sophos’ behavioral-analysis technology to fend off spam and malware.
According to a Websense blog post, bit.ly will use Websense’s security-as-a-service platform to scan both new and existing shortened links as users click on them. “Websense will conduct full content analysis for the IP sources, websites and Web content behind the bit.ly links, including categorization and reputation analysis of the URL, property type, lexical and search reputation, history, age, geography, neighboring properties and more. If the user attempts to click on a link leading to malicious code, spam or a known phishing site, bit.ly will display an alert describing the threat potential and give the user the option to safely navigate away,” Websense wrote.