URL shortening services, like goo.gl, bit.ly, or ow.ly, are very popular on the Internet nowadays and are frequently used. These services are a good and useful product that make the everyday use of the Internet easier and more pleasant for everyone. They take ugly and long URLs and make them short and easy to remember.
Certain services offer the option of having insight into the click analytics, so that we can track how many sad souls clicked on the link to the Lana Del Rey’s song that we posted on our Facebook profile: http://goo.gl/a1E3J
However, bit.ly took it even further, in addition to offering analytics and having a certain kind of a social network, with allowing users to create custom URLs (for example: http://bit.ly/sikanja takes you to my LinkedIn profile). I find playing with this particularly interesting and I often make custom URLs for lots of different things (by the way, bit.ly is not the only service that offers this feature).
Why am I mentioning these services on the fraud and security blog? They’re infamous for their abuse in spam and phishing attacks, but this time we’re not going to talk about that. In this post, I will show you an example of how improper use of these services can jeopardize both your privacy and the information security of the company you work for. Also, marketing managers will find useful information about spying on the yet unpublished information by their competitors.