Free hosting services, used along with URL shortening services, are being used to trick existing computer security systems, according to Nicholas Johnston, a  senior software engineer for Symantec Hosted Services.

Researchers from Semantic have discovered a new group of spam e-mails making the rounds that they believe are connected to the Cutwail botnet.  Inside the e-mail is a link provided by a link shortening that routes to a an account on a free hosting service.

Once the user lands on the freely hosted website, a specially crafted JavaScript code redirects the user to another site with a retail sales page.

According to Johnston, the JavaScript code on the page has been obfuscated to hide the code from security systems, which complicates matters even more.

The site that the user eventually ends up on advertises holiday and gift giving ideas, according to Symantec.

After that point, the spammer can benefit from sales on the site or by ‘phishing’ for credit card and other personal information that can be used for identity theft. 

The use of URL shortening services is a trick that has been used by spammers to hide their actual URLs in spam e-mail for years. This new system of hiding combines techniques to increase the deception.

“Redirecting users in this way shows that spammers are going to considerable lengths to hide the addresses of their actual spam sites,” Johnston said, “And actively trying to make more difficult detection by anti-spam companies.”