Short-URL Services May Hide Threats

By on Jul 25, 2013

In a recent post, AppAppeal ranked the most popular URL shorteners. The top five includes TinyURL,,, and Unfortunately, these helpful services are also used to hide a large number of malicious URLs. This result has made me want to learn more about malicious links that may be hidden behind these shortcuts.

For the top five, the following table and graphs show the number of malicious URLs McAfee Labs discovered in 2012 and the first half of 2013.








In addition to the most commonly used URL shortening services, there are many others. Browsing the Internet, I soon discovered hundreds more.

The most common top-level domains for URL shorteners are COM, ME, LY, US, IN, NET, TO, IT, CC, and GD. But two-thirds of these sites are unreachable or lead you to web pages with advertising links indicating the domain name is for sale. Some others explain they had to close due to the amount of malicious URLs they hosted without being able to properly eliminate them.



The final third is hard to examine. Some of them require registration to use the services, but most are still directly usable. Here are the URLs most targeted by malware in 2013, according to our research.



To protect Internet users, in 2010 McAfee introduced its own secure URL  shortener using the domain. This service was designed to provide the web community with piece of mind knowing that any link referred to was secure, containing no malware and not pointing to a malicious site.

If you follow any short URL, such as this one leading to the French CLUSIF association web page (hxxp://, you will notice that a frame is added to the top of the destination page confirming its good ranking from Site Advisor. Here the check mark is green:


But if you are redirected to a malicious URL, you will be stopped before it is too late.


To create these short URLs, you can find add-ons at the Google Chrome Extension repository and at the Firefox add-on site. You may use these facilities knowing that McAfee will help keep you safe.

About the Author


McAfee is the device-to-cloud cybersecurity company. Inspired by the power of working together, McAfee creates business and consumer solutions that make our world a safer place. Take a look at our latest blogs.

Read more posts from McAfee

Categories: McAfee Labs

  1. Right here is the right site for anyone who hopes to understand this topic. You know so much its almost tough to argue with you (not that I really would want to?HaHa). You definitely put a new spin on a topic that’s been discussed for years. Wonderful stuff, just excellent!

  2. Please kindly fix the Reporting link within that frame or get it to return a positively reported result. Right now all it does is load the home page of the short url service with no mention that a report has actually been generated. I just tried to report /ah9mq which was advertised in a recent spam and I couldn't tell if a report had been generated or not.

    It was also annoying that whoever used that short url just pointed it to yet another short service which is listed as green. Only thing that stopped the malware was a local copy of Avast.

    I do hope you folks will fix this major loophole.

Similar Blogs

Subscribe to McAfee Securing Tomorrow Blogs