Shorter URLs help phishers hook more victims

Cybercriminals are shrinking host names of malicious sites to lend them an air of legitimacy, according to security researchers.Phishers are using shorter URLs for malicious sites in a bid to lend an air of legitimacy to threatening links.Internet Security Services, IBM’s online-security division, claims to have noticed a significant drop in the number of characters used by fraudsters in their phishing URLs.A post on ISS’s Frequency X blog stated that “analysts have been observing host names within fraudulent phishing URLs consistently arrive with lengths of between 30 and 37 characters”; observers “have noted a significant change” as phishing host names have shrunk down to an average of only 17 characters in recent weeks.