Friday, March 3, 2023

Phishing scams using URL Shorteners

I am sure many of you are familiar with shortened URLs that redirect you to a different long-winded URL when clicked. If you’ve ever seen or used, or a link, you are already familiar with how they work. 

These shorturl services like etc., have been abused by scammers for their phishing campaign for a while now. Recently, there is an increased use of these technique specifically leveraging reputable/legitimate websites like (see link below) since malware protection software and spam blockers are unlikely to block these short links created by reputable organizations like LinkedIn.

So how do you know if your given short URL is not going to take you to a shady phishing site or worse, to a malware laced website? Essentially, what you need is an inverse of shorturl i.e., longurl 😁 which expands the shorturl to show where it would take you if you were to click. That is exactly what I have done on this simple tool below. Feel free to use.

Note: Try expanding this sample short link ( using the longurl service above. For safety, the redirect address is checked w/ out actually traversing there and also it goes just one level deep only. There is also that does lot more if you want to try that as well. 

PS: I also have a very simple shorturl service similar to here Again, feel free to use.

No comments: