Site Overlay

Spammers now using TinyURL to flood comments

Spamming is the abuse of electronic messaging systems to send unsolicited bulk messages. While the most widely recognized form of spam is email spam, spam in blogs is becomming huge these days along with search engine spam and mobile phone messaging spam.

Spamming is economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with the deluge.

Blog Spam or “blam” for short is spamming on webblogs. This type of spam takes advantage of the open nature of comments in the blogging sftware by placing comments to various blog posts that provided nothing more than a link to the spammer’s commerical web site.

Blogs such as TechCrunch have caught over 1 million spam comments. For most blogs such as this one and AskStudent, the protection from such Blog Spam like TechCrunch is Akismet.

Today, I saw a new method of Blog Spam by these spammers. They are using TinyURL, a very popular web service which provides short aliases to long URLs. TinyURL inspite of its benefits has had to face the criticism that they are opaque, hiding the ultimate destination from a web user. This opaqueness is now being leveraged by spammers, who can use such link in spam and thus bypassing URL blacklists.

Example showing the use of TinyURL in blog spam


TinyURL has blocked the above site stating that they abused their policy. How does one deal with such spam? Post in comments area.

TinyURL blocks spam link

Related Articles:

1. How to hide your email address from spammers, a thorough guide

2. How a PayPal phishing email looks like and how to detect it

3. Top phishing targets are Ebay and PayPal followed by Banks

4. References: Wikipedia article on spammer

Similar Posts:

Published By:

Author: Ajit Gaddam

Ajit Gaddam is an accomplished technology executive and is currently the Head of Security Engineering at Visa, where he is responsible for building large scale AI driven cybersecurity products, leading engineering programs, and providing expert guidance on cybersecurity matters. He has presented at conferences worldwide, including USENIX Enigma, RSA, Black Hat, Strata Data Hadoop, COSO Dublin, and GCS Ukraine. Ajit has been quoted by major media organizations and his work has been showcased in academic journals, security publications, and in two published books. He is an active participant in various open source and standards bodies, is a prolific inventor of disruptive technologies (over 100+ global patents), and moonlights as an instructor (SANS, community colleges).

3 thoughts on “Spammers now using TinyURL to flood comments

  1. For me, Akismet always worked for me blocking 99% of incoming spam. However, I have not seen a tinyURL spam link before. Could be a significant challenge

  2. You have made some really good points there. I looked on the net to learn more about tthe issue and found most individuals
    will go along with your views on this website.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll Up