Shortened links are a convenient way to broadcast end links, especially when it comes to complex, large projects, online stores with sorting and custom tags. In this case, marketers can easily “wrap” long end links in a short link. Such a link can be placed in any messenger, it can be sent via a simple SMS with only 10 characters.
It is easy to generate a beautiful QR code from it, because the shorter the link, the smaller and more readable the QR code will be. Such links can be simply memorized and dictated by voice. This is a very convenient method of transmitting a hyperlink.
At the same time, short links carry many hidden dangers. It's unfortunate that scammers from all over the world use any good thing for their own gain. Short links are no exception.
How do fraudsters use shortened links?
Hiding a phishing link - usually, fraudsters generate hundreds or thousands of “dirty” links on domains and subdomains, and they are quite easy to identify with the naked eye. But if such a link is hidden behind a short link of a popular shortener, an inexperienced user will hardly feel the danger.
Redirect to redirect - in order to hide the final link from checking systems, fraudsters often use many shortening services, although they place the phishing link far at the end of the redirects. This can be used for many fraudulent schemes, so if you see that you are redirected to a new URL several times, close the browser tab.
End link spoofing - a fraudster can “seed” a short link with a useful end link to a survey, an interesting article, or a donation. You can repeatedly use such a link and not even notice how, after a while, you will be redirected to a new link that will be absolutely identical to the old one. Always check where you enter your personal and card information
How to protect yourself from phishing?
Modern technologies allow you to identify phishing sites quite quickly, it may take only a few hours from the start of the phishing domain before browsers will mark such a site as dangerous. However, time may not be on your side and you may find yourself in the middle of a phishing campaign.
So if you receive a link and have doubts, use a special short link checker service. The tool will follow the redirect chain for you, capture the page information, check for presence in Google SafeBrowsing databases, and provide a verification report, and you can decide for yourself whether the final link is useful for you or not.