Firefox Addon Fights Social Network Phishes

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

Crooks are targeting social network sites such as Twitter and Facebook with aggravating attacks that might send a message that reads "Don't Click! www.tinyurl.com/XXXXXXXX." But a Firefox addon called LongURL can quickly reveal the real URL and foil the scam.

At the ongoing RSA security conference today, Graham Cluley of Sophos displayed examples of both malicious and prankster attacks on social networks, including a Twitter attack like that described above, and the recent "Mikeyy" worm. Many of those examples used TinyURL or another link-shortening service to hide a malicous link in a profile post or message. Twitter users in particular often make legit use of the service to save space in messages.

One option for TinyURL is to cut and paste the link in a new browser tab, and append 'preview' to the link, as described here. But Cluley said he instead uses the LongURL addon when he browses with Firefox, and after trying it myself, I understand why.


The tool displays the full URL in a small pop-up when you hover your mouse over a URL shortened by TinyURL or other service, neutering any attack that might depend on obfuscating a clearly unwelcome URL. It's one of those nice, no-brainer solutions.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
  
Shop Tech Products at Amazon