Back in 2014, ICANN, the organization primarily behind the governance of the Internet, opened up the world to massive amounts of new top-level domains (TLDs) beyond the .com, .org, and .edu domains we were used to. The goal was to begin fixing a problem of the .com domains causing negotiations for people who would gladly offer five or six figures in order to claim the (E.G.) [bikes].com URL for their business.
With a huge number of new websites added to the Internet on a daily basis, the idea was that we needed to reach beyond the six or so locked down TLDs that were available at that time.
The results have been interesting to analyze from a cybersecurity risk standpoint. Spamhaus.org, an international nonprofit organization that tracks spam and related cyberthreats, recently published stats about the spammiest, riskiest TLDs on the Internet. Brian Krebs also wrote a great piece on the report that’s worth a read. It seems the “badness index” for TLDs such as .men, .work., and .click are a few of the highest on the worst list.
And, no, this isn’t just an issue hitting Australia (the “Down Under”); obviously, we just wanted to make a bad pun about Men at Work. We apologize.
The list below is a snippet from the Spamhaus.org report:
“A TLD may be “bad” in two ways. On one side, the ratio of bad to good domains may be higher than average, indicating that the registry could do a better job of enforcing policies and shunning abusers. However, some TLDs with a high fraction of bad domains may be quite small, and their total number of bad domains could be relatively limited with respect to other, bigger TLDs. Their total “badness” to (Read more...)
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Sally Feller and Cylance Research and Intelligence Team. Read the original post at: https://threatvector.cylance.com/en_us/home/steer-clear-of-these-risky-top-level-domains.html