“The problem is that some of these link shortener services use aggressive advertising techniques such as scareware ads: informing users their devices are infected with dangerous malware, directing users to download dodgy apps from the Google Play store or to participate in shady surveys, delivering adult content, offering to start premium SMS service subscriptions, enabling browser notifications, and making dubious offers to win prizes.”
ESET said depending on which devices you’re using, these URL shorteners can pose different threats.
For instance, iOS users could be flooded with unwanted ads and see their calendars filled with events that spam them and trick them to click on dangerous links.
While Android users could be prompted to download a malicious APK app which loads what ESET has dubbed the Android/FakeAdBlocker malware.
This downloads and executes payloads such as banking trojans, SMS trojans and aggressive adware to Android devices.