Twitter Starts Routing All Links Through New Anti-Phishing Service
by Jason Kincaid on Mar 9, 2010

Twitter has just announced that it is launching a new anti-phishing feature that allows Twitter’s Trust and Safety team to monitor all links submitted through the service for potentially malicious attacks. Part of the new feature will involve the use of Twitter’s link shortener twt.tl, which may now start popping up in some of your emails and direct messages.

At this point, it’s not really clear which links are being converted to Twitter’s twt.tl shortened links. We just ran a test at the TC office with two different links: one for an article on GigaOm, and another for a bit.ly link that pointed to a page on Google Buzz. The links I received on my Twitter client were both unchanged, but both were converted to twt.tl links in our email notifications (obviously neither of them had malicious content).

From the Twitter blog:

Today, we’re launching a new service to protect users that strikes a major blow against phishing and other deceitful attacks. By routing all links submitted to Twitter through this new service, we can detect, intercept, and prevent the spread of bad links across all of Twitter. Even if a bad link is already sent out in an email notification and somebody clicks on it, we’ll be able to keep that user safe.

Since these attacks occur primarily on Direct Messages and email notifications about Direct Messages, this is where we have focused our initial efforts. For the most part, you will not notice this feature because it works behind the scenes but you may notice links shortened to twt.tl in Direct Messages and email notifications.
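
The announcement's claim that a bad link can be stopped even after it has gone out in an email follows from where the decision is made: at click time, inside the redirect service. The sketch below is an added example, not Twitter's code or anything from the announcement; the `LinkGate` class, its method names, the host-based blocklist and the sample URLs are all assumptions constructed for illustration.

```python
import secrets
from urllib.parse import urlsplit

class LinkGate:
    """Toy shortener: the allow/deny decision is made at click time."""
    def __init__(self):
        self.targets = {}           # short code -> original URL
        self.blocked_hosts = set()  # hosts flagged so far (constructed data)

    @staticmethod
    def _norm(host):
        # "Evil.Example." and "evil.example" must compare equal.
        return (host or "").rstrip(".").lower()

    def shorten(self, url):
        if urlsplit(url).scheme not in ("http", "https"):
            raise ValueError("only http(s) links are wrapped")
        code = secrets.token_urlsafe(6)
        self.targets[code] = url
        return code

    def flag(self, host):
        self.blocked_hosts.add(self._norm(host))

    def _is_blocked(self, host):
        # Match the flagged host or any subdomain, on label boundaries only.
        labels = host.split(".")
        return any(".".join(labels[i:]) in self.blocked_hosts
                   for i in range(len(labels)))

    def resolve(self, code):
        """Return (status, body) as a redirect endpoint would."""
        url = self.targets.get(code)
        if url is None:
            return 404, "unknown link"
        if self._is_blocked(self._norm(urlsplit(url).hostname)):
            return 403, "warning: this link has been reported as unsafe"
        return 302, url

def demo():
    gate = LinkGate()
    good = gate.shorten("https://news.example.org/story")
    bad = gate.shorten("http://Login.Bank-Verify.Example./signin")
    before = gate.resolve(bad)[0]      # already delivered in a DM or email
    gate.flag("bank-verify.example")   # reported after delivery
    return before, gate.resolve(bad)[0], gate.resolve(good)[0]
```

Because the lookup happens in `resolve()`, a host flagged after delivery is refused on every later click without holding any message for moderation; a destination that is never flagged still redirects normally.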

Image via ToastyKen


Comments

  • It’s a nice approach, I must admit, but I can’t guess at the volume of links that are tweeted daily. Would be interesting to try to build a malicious link detection system.

  • Will be interesting to see if they apply this to web links as well. Could really hurt folks like bit.ly

    Not sure they will, but they have a good position to do this and avoid negative PR because of the phishing/spam component.

  • Yet another URL shortener? Clearly this idea will never work. Give me a case of Mountain Dew and I could have developed this app over the weekend.

  • Wouldn’t it make more sense for bit.ly to work on this not just for Twitter, but for all kinds of links?

  • Sweet… So I wait till I see it showing up as a twt url and then upload the naughty stuff to the site I jacked.

    Never add features that make people think things are safe cause it’s been “checked”… well, ok, you can, just don’t tell anybody.

  • As I was saying

    Glad to see this happening. Go Twitter!

  • How can they check every URL tweeted? This is impossible and I highly doubt they can and they are probably doing a smoke and mirrors thing here.

    The second you post a URL it is live, the only way this would work is if your tweets were held for moderation, which would blow the whole Twitter premise.

    Please Twitter, how stupid do we look to you?

    • It’s actually rather easy, when a user tweets a link, it automatically creates a twt.li shortened link (instead of a bit.ly) which maps to the URL that you tweeted (like any other URL shortener).

      When someone clicks on that link that you tweeted Twitter can then use the cURL function (in PHP, not sure what it would be in Rails, like what would be in Twitter’s case) to crawl the site for the content of the page to screen for potential threats.

      If the page contains words that can be deemed “phishy” or “spammy” Twitter denies the redirect and instead displays a message to the user trying to visit the link that the page they’re trying to access may be trying to gain access to their personal information.

      Boom. It’s really not that hard, pretty basic stuff.

      It’s actually a really smart idea on Twitter’s part.

      Who’s stupid now? =P

  • Jason, when you used the twt.tl in the email did it still get routed through bit.ly in some way? Meaning did it count in the bit.ly statistics?

    (One of the main reasons why I use bit.ly is for the statistics.)

  • twt.tl?? twt.tl?!

    I know these shorteners aren’t supposed to make sense or spell out correctly, but wouldn’t something like “twt.cm” have been a better choice and better align with their brand?

    Now when I see “twt.tl” pop up, I’ll think “tweettle” (dee) or “twittle” (dum). Nice branding guys.

  • it never ceases to amaze me how much expense companies have to go through just to protect stupid microsoft users.

    is there such a thing as a malicious link if one uses linux? i’ve been running linux seven years now and haven’t found one. i would love to see one.

    • Yes. Linux users can still get phished. And clickjacked. And csrfed. And xssed.

      Links don’t have to be malware-related to be malicious.

    • you have no idea what you’re talking about. most phishing is operating system and browser agnostic. any browser in any operating system will render the same trick site to lure you into entering your credentials.

  • I don’t care for this.
    It will decrease my chances of making big bucks from helping Nigerian widows acquire their [former] husband’s bank assets.

  • Not long ’til they start adding affiliate links through their url shortener!

  • Twitter Router. The safety team is just another word for control. The control freaks have gotten to twitter. One day we will just have to send smoke signals because everything else will be controlled
