Risk from shortened URLs

Nowadays, URLs contain all sorts of information and they can get very long. So a lot of people have started using services like tinyurl to shorten their URLs. The problem with this is that a regular person will not know what that actually URL points to. This can result in users clicking on links that might actually point to phishing sites.

Services such as tinyurl allow one to shorten URLs. Take for example, the following url:
http://www.something.com/phishingpage.html?src=user1@domain.com&target=website.com
This URL can be shortened to something like the following:
http://tinyurl.com/domain-login-html
These shortened URLs can sometimes result in security compromises, particularly phishing attacks.

The previously posted article on Phishing shows how a phishing attack works and what to do to protect yourself against it. One of the things that is recommended is to look at the links that you are clicking on to ensure that it is a trusted website. Anyone can create a web page that looks like a website that you frequently visit. But the link will not be the same.

The question is what you can do to ensure that you are clicking on a trusted link and not on a link to a phishing site? There are sites like untiny.com that decipher the shortened URLs. You can now know what those links point to before actually clicking on the link. You just go to the site, put in the shortened link and submit to get the expanded original link. You can then verify if it is a link that you trust. The recommendation is that you do not visit a site that you do not recognize.