/security-awareness-training/blog/secure-options-url-shorteninginto this shortened URL:
http://tinyurl.com/4umda63The security risk with a shortened URL is you cannot tell where you are going when you click the link, you have to trust the sender. As a result, some organizations teach their employees not to trust shortened URLs, or simply block them at their network gateway. This poses a problem for the OUCH! team, as we use URL shortening so long URL's can fit in our newsletters. At the same time we have to respect the security risks that come along with that (this is a security awareness newsletter after all). The solution we have adopted is preview mode. By prepending 'preview' to a TinyURL, the service does not send you directly to the destination website. Instead this takes you to a landing page that gives you preview of where you will ultimately go.
http://preview.tinyurl.com/4um...As long as you can trust the URL shortening service, preview mode eliminates many of the risks associated with URL shortening. The one thing that surprises me about Preview though is how many people, even in the security community, are unaware of this functionality, of how this can be a safe alternative. TinyURL is currently the only shortening service I know that offers this. I think it would be great to have others offer it also.
_Joins_Forces_with_SANS_Security_Awareness_-_340x340_Thumb.jpg "SSA_-_Blog_-_Women_in_Cybersecurity_(WiCys)_Joins_Forces_with_SANS_Security_Awareness_-_340x340_Thumb.jpg")
