cispa_all_3029.pdf (3.83 MB)

Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms

Download (3.83 MB)
conference contribution
posted on 2023-11-29, 18:12 authored by Giada Stivala, Giancarlo PellegrinoGiancarlo Pellegrino
Social media has become a primary mean of content and information sharing, thanks to its speed and simplicity. In this scenario, link previews play the important role of giving a meaningful first glance to users, summarizing the content of the shared webpage within their title, description and image. In our work, we analyzed the preview-rendering process, observing how it is possible to misuse it to obtain benign-looking previews for malicious links. Concrete use-case of this research field is phishing and spam spread, considering targeted attacks in addition to large-scale campaigns. We designed a set of experiments for 20 social media platforms including social networks and instant messenger applications and found out how most of the platforms follow their own preview design and format, sometimes providing partial information. Four of these platforms allow preview crafting so as to hide the malicious target even to a tech-savvy user, and we found that it is possible to create misleading previews for the remaining 16 platforms when an attacker can register their own domain. We also observe how 18 social media platforms do not employ active nor passive countermeasures against the spread of known malicious links or software, and that existing cross-checks on malicious URLs can be bypassed through client and server-side redirections. To conclude, we suggest seven recommendations covering the spectrum of our findings, to improve the overall preview-rendering mechanism and increase users’ overall trust in social media platforms.


Preferred Citation

Giada Stivala and Giancarlo Pellegrino. Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms. In: Network and Distributed System Security Symposium (NDSS). 2020.

Primary Research Area

  • Empirical and Behavioral Security

Secondary Research Area

  • Threat Detection and Defenses

Name of Conference

Network and Distributed System Security Symposium (NDSS)

Legacy Posted Date


Open Access Type

  • Unknown


@inproceedings{cispa_all_3029, title = "Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms", author = "Stivala, Giada and Pellegrino, Giancarlo", booktitle="{Network and Distributed System Security Symposium (NDSS)}", year="2020", }

Usage metrics


    No categories selected


    Ref. manager