Application security, Malware, Phishing, Threat Management

Twitter to vet links with goal of curbing phishing attacks

Twitter on Tuesday launched a new service designed to curb phishing links delivered in the microblogging site's direct messages and email notifications.

URLs will be checked against a blacklist of fraudulent sites, such as ones hosting phishing attacks, malware or bogus, spam-related merchandise, the company said. The links will be shortened using Twitter's new URL shortener service,, so bad domains can be easily identified in the future.

If a user attempts to click on a link considered to be untrustworthy, users will be alerted via a warning screen.

"By routing all links submitted to Twitter through this new service, we can detect, intercept and prevent the spread of bad links across all of Twitter,"said Del Harvey, who heads Twitter's Trust and Safety team, in a blog post. "Even if a bad link is already out in an email notification and somebody clicks on it, we'll be able to keep that user safe."

News of the service comes as email security firm Barracuda Networks revealed Wednesday in a new report that one in eight Twitter accounts created in October "was deemed to be malicious, suspicious or otherwise misused and subsequently suspended."

Paul Judge, chief research officer at Barracuda, told that he was puzzled why Twitter isn't examining links delivered on the public feed, where a majority of malicious URLs reside.

"It's an ocean compared to the bathtub, so to speak, of malicious links showing up in direct messages," he said. 

In many cases, cybercrooks create fake accounts or take over legitimate accounts, Judge said. Then, they leverage Twitter's "trending topics" to determine what users are most commonly searching for, and then send out fraudulent links related to those hot terms as public messages.

Judge said he admires Twitter's first step toward admitting it has a malware problem.

"Now the journey begins of how proactive they're going to be in addressing security," he said. "[But] attackers are taking note and they'll be more creative. They were having it easy for awhile."

Twitter last summer began notifying users when they posted a link to a known malicious site. And in November, popular URL shortening service announced it was partnering with VeriSign, Websense and Sophos to deter malware.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.