Are URL Redirection Services Safe to Use?
What are Redirection Services?
A user of a redirection service enters a URL (or link) and the service provides a much shorter address that can be used as a replacement. These shortened and obscured links can be used in email, on websites or in IM sessions. Such services have been growing in popularity since at least 2002.
Some popular URL redirection services include:
Uses of These Services
These services can be used for several different reasons, including:
- Convert long and complex URLs into short ones that are more human-friendly and convenient to use. These shorter links are easier to use in email, chat sessions, or giving to someone over the phone.
- Redirected URLs can be used to hide affiliate codes in an link. Some marketers use this technique to hide the fact that they are an affiliate of the target website.
- Some services allow users to track click behavior.
How They Work
The user provides the service with a long URL, which gets added to their database. This long URL is associated with a much more convenient URL that either provided by the service or chosen by the user. It is important to note that the association is completely controlled by the service.
Are They Safe?
We are certain that most if not all redirection services are upstanding members of the internet community. Imagine however, if the service was sold, or was hacked. The associations could easily be changed to new destinations. Why would such a service make such an alteration? The financial reward could be immense.
Imagine the potential windfall of redirecting tens of millions of active links to some merchant site which will provide affiliate revenue for referrals. Unsuspecting users would click on these links and arrive at an unintended destination. Of course, only a small number of these visitors would convert into paying customers, but a small percentage of an enormous number can still be significant.
We have no evidence that a URL redirection service is using this technique; we are merely illustrating how such a service could abuse the trust their users have given them.
Alternatively, a hijacked service could replace known affiliate codes with their own affiliate code to reap commissions on links directed at ecommerce sites.
Redirecting Images
The same is true for image redirection services such as imgred. Imagine if after years of collecting image replacements, the then-owners of the service — or a hacker — was to replace all images with an image of their choice. Hundreds of thousands or even millions of images all over the web would be under their control.
Conclusion
If your link is intended to be used for a short period of time, then these services are fine. If, however, you have a more permanent link that you want to post on a website, then you should realize that you are giving away valuable control to an external entity. If you want to use redirects for a more permanent or important application, make sure you trust the redirection service thoroughly.