No more short links to anonymity

No more short links to anonymity

By Sorab Ghaswalla

Mumbai, September 27, 2012

In one of my previous columns I had written about online anonymity. One way that crooks, scamsters, cheats and spammers get away with it over the Internet is by using what are known as short links. 

For those of you unfamiliar with the concept, every site has a URL. It’s like a real world address. To find a particular site, you need to know its Uniform Resource Locator (URL) or address. Like any other postal address, a URL also has about three to four components, which one can say, are similar to house number, street, etc.
Now, one of the components of a URL is a host/host name. This essentially lets an Internet user roughly know where and on which server the site is being hosted. Not only is a URL necessary to understand the whereabouts and identity of a site, a complete URL is also in the interests of online transparency.
But over the years, those who use the net regularly realised one problem – URLs were becoming too long and unwieldy. I mean who can remember one URL, forget scores of them. So, someone online came upon this “brilliant” idea of shortening the URLs. This short form is called short links.
Dwarfing a URL means using what is called as an HTTP Redirect on a short domain name to a web page that has the original, long URL. Shorn of technical mumbo jumbo, it simply means a short URL or short link re-directs users to a page that is the holder of the actual, or the long URL. No rocket science in that.
One reason why the trend of using such short links also took off was because of micro-blogs and social networks like Twitter and Facebook. How could any one, while posting on such networks, be expected to key in such lengthy, and rather aesthetically unpleasant, URLs ?
Obviously the people who must have made short links a reality must have then sat back and basked in the glory of it all. After all, there was a noble thought behind the idea. Why unnecessarily burden Internet users with such long winding Net addresses, right? Those guys did not realize that there were fraudsters out there who decided to misuse short links for their own means. Because you see, by their very nature, short links disguise the original URLs or web addresses.
Now, if you were to use such a short link service for legitimate purposes, no issues. (There are many service providers who make free short links for you. One of them is But many Internet users have started using short URLs to send all of us spam or offers of get-rich-overnight schemes or worse still, Ponzi schemes where innocent investors are duped. Some nasties even re-direct you to a page which has malware on it.
It is difficult but not outright impossible to trace short links to their original locations. But it needs a lot of technical knowledge, something which average Internet users and the average cops, do not possess.
To tackle this menace, there are startups that claim to solve the identity mystery. Few and far in between, but I am sure, the nature of the Internet being what it is, many more will spring up soon.
One such startup that came online recently is These guys claim to possess the wherewithal to find out the true identity of the person who has sent you that short link. Now, the way Decryptlinks works is this – whenever you get a short lnk, either in your inbox or on any of the social networks, you can go to the Decryptlinks website. There, you will find a search tool bar. All that you need to do is to key in the short link and within moments, you are told of the following: 
*The URL of the actual website hidden behind the short URL.
*The security level of the identified website against online security systems in order to identify any potential risks. .
*A screenshot, where possible, of the identified website 
Then, it is upon the user whether he/she would like to go ahead and visit the website hidden behind the short URL.
Being a Netizen myself, I personally feel free sites like Decryptlinks provide a signal service for the betterment of the entire Internet community and need to be encouraged in order to make digital life a more secure one.

Previous columns by Sorab Ghaswalla