Symantec published a report linking URL shortening websites to cyber crime. People are invited to click on a link that takes them to a website advertising URL shortening, but they become vulnerable to phishing and malware attacks instead.
Last week just before WordPress announced a serious breach of security I had three days with of high visiting volumes to the homepage of my weblog. Most came from .cz sites with unintelligible names, but the one standing out most was from a company advertising short urls. After the announcement of the breach by WordPress all these unusual hits stopped, but also the overview of the hits had disappeared from my site statistics. Was this a coincidence? I had reported to WordPress the day before the announcement. In the answer it said that this sometime happens, this unexpected referring to a weblog.
In other words, my advice remains: do not click on what you do not know. Not even when “the invitation” comes from someone you know or have a relation with, like WordPress. At best check whether something was sent to you on purpose.
FYI. I found out about the URL site behind referring all this traffic to my weblog homepage by copying the url into my browser. I was told this is safer than clicking on the link.
New passwords: a warning
As the hackers that breached WordPress’ security may have accessed personal data also, like your password, you may want to change this and certainly if you use the same password elsewhere.
Wout de Natris, De Natris Consult
Leiderdorp, 18 April 2011