Phishing Attacks Leveraging t.co Links Surge by 61% Globally

Phishing attacks have seen a significant global surge, with a reported 61% increase in unique phishing sites observed over the past year. Cybercriminals are increasingly exploiting legitimate URL shorteners, including X's (formerly Twitter) t.co domain, to mask malicious links and bypass security filters, leading to an all-time high in such attacks in 2023. These sophisticated campaigns aim to trick users into revealing sensitive information or downloading malware.

The t.co domain, X's official URL shortener, is designed to protect users and provide analytics, but its legitimate nature is being exploited by scammers. This misuse lends a false sense of security, as users might mistakenly believe a link is safe simply because it originates from an X-branded URL. As one report from did2memo.net cautioned, users should "not think it's safe just because it's an X (formerly Twitter) URL."

Scammers frequently impersonate trusted entities such as package delivery services, banks, government agencies, and online retailers. These malicious t.co links are often distributed via SMS messages (smishing) or social media posts, preying on urgency or user trust. A recent post on X by a user identified as smolting (wassie, verse) included a t.co link, illustrating the common appearance of such shortened URLs within social media feeds.

Cybersecurity experts strongly advise vigilance, even with links that appear legitimate. Users should always verify the sender's identity and hover over links before clicking to reveal their true destination. Companies like Trend Micro recommend using URL expanders or checking the domain reputation to identify suspicious links and protect against data theft or malware infections.