The HE sector, like other sectors, is seeing an increase in the use of shortened URLs in phishing and malware scams.
When examining a long URL it is relatively easy to determine the nature of the target and the possible risk posed by clicking on it. There are mechanisms for transforming and exposing the real URL behind a short URL, though not widely known, so short URLs pose an increasing and significant risk.
Institutions can deal with the problem in a number of ways, such as blocking the use of short URL domains within the local network, or user training.
Blocking the use of short URLs within a local HE network would pretty much break the use of social media and other services for staff and students. Has anyone implemented an automated solution? Such as using auto translation of short to long URLs followed by auto domain checking against an exclusion list at some stage in the network before URLs are passed for resolution.
Regards,
--
Joe Hoyle
Senior Manager, Digital Marketing
Marketing, Recruitment and Admissions
London South Bank University,
103 Borough Road, London, SE1 0AA
Tel: +44 (0)20 7815 6037
Email: [log in to unmask]">[log in to unmask]