Twitter has announced that it is to start scanning all tweets for links to sites which may cause harm to its users.
The system, which goes live today, is similar to those used by services such as Gmail and will automatically check link destinations. Links embedded in personal messages will be routed through Twt.li, Twitter’s own URL compressor for added safety.
Del Harvey, director of Twitter’s trust and safety team, elaborated the new policy in a blog posting:
Today, we’re launching a new service to protect users that strikes a major blow against phishing and other deceitful attacks. By routing all links submitted to Twitter through this new service, we can detect, intercept, and prevent the spread of bad links across all of Twitter. Even if a bad link is already sent out in an email notification and somebody clicks on it, we’ll be able keep that user safe.
Since these attacks occur primarily on Direct Messages and email notifications about Direct Messages, this is where we have focused our initial efforts. For the most part, you will not notice this feature because it works behind the scenes but you may notice links shortened to twt.tl in Direct Messages and email notifications.
Users won't notice any difference because the service works behind the scenes, Twitter said. But users may start to see short links using Twitter’s own “twt.tl” URL shortener in direct messages and e-mail notifications.
Phishing scams on Twitter usually involve attackers trying to obtain the login credentials of Twitter users, and then sending spam messages from the stolen accounts in a bid to make money, Twitter said on its blog last month. Twitter also fights phishing scams by watching for affected accounts and resetting passwords, it said.
Phishing attacks ballooned on Twitter last year as the service grew in popularity. Twitter's new link-screening service comes after it last year started using Google's Safe Browsing API to check for malicious content in links posted by users.
Sources and Additional Information:http://www.computerworld.com/s/article/9168378/Twitter_to_begin_screening_some_links_for_phishing