They train customers to click links that don’t match the company’s main domain name.
Brands love branded URL shorteners. When sharing shortlinks, why use a default bitly link when you can include your brand in the domain?
Many companies use short country code domains as part of their shortlinks. .To and .ly are favorites.
But there’s a problem with so many companies using these links; they train customers that they can safely click links to go to websites on domains that don’t match the company’s main domain name. This desensitizes people to potential phishing campaigns and other scams.
Consider the text message I received last night (pictured). The link is for chase(.)lc.
Several things jumped out to tell me this was a scam: it’s from a random phone number, I didn’t just place an order, and a merchant wouldn’t ask me to confirm something with Chase.
But the domain name was low on the list of warning signs. If I received a real message from Chase, I might expect the company to use something other than Chase.com as the URL shortener.
Financial companies need to train their customers to go to one domain, not many. The widespread use of branded shorteners throws a wrench into this.
(Chase(.)lc was registered yesterday at EPAG, and as of today, the links don’t work. .Lc is the country code for Saint Lucia.)