Twitter links safer than Google, says security researcher

News

Twitter links safer than Google, says security researcher

Warwick Ashford

Contrary to popular belief, most short links on Twitter are not malicious, according to Zscaler Security Research.

With bit.ly, Tiny URL and other similar services enabling users to compress web addresses in such a way that hides the true destination, some researchers have warned of a spike in malicious links.

URL shorteners are popular on Twitter, with bit.ly representing 40% of all links and Tiny URL responsible for 5% of links.

But a study of more than one million URLs by Zscaler, carried out before Twitter introduced a security system to scan all links used in tweets, showed that only 0.06% of them represented a security risk.

Researcher Julien Sobrier retrieved 1,314,615 URLs from Twitter's public timeline before protection was put in place and found only 773 led to malicious content, not including spam.

Bit.ly represented around 40% of malicious links and Tiny URL accounted for 6%, reflecting the proportion of overall number of links.

Despite introducing a scanning system similar to Twitter's, bit.ly's phishing and malware protection does not appear to be making it any safer than other URL shorteners, said Sobrier.

"The figures show it is actually much safer to follow links from Twitter than from some search results on Google," he said.

Observers have commented that although the threat of URL shorteners has been blown out of proportion, the study looked only at the public timeline and did not include direct messages, which is where cybercriminals are focusing their efforts, according to Twitter.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy