Tag: malware

McAffee put out their annual “Mapping the Mal Web” report. It is a PDF that lets you know how risky a website in a Top Level Domain (TLD) can be. Since the .com is so widely used, it’s easy to say it’s on the top of the list. But it’s not #1 – that dubious honor is left to Camroon – the .cm domain.

I always said that TLD’s in other countries are not the best way to go for a domain. Generic TLDs are controlled by the Internet Assigned Numbers Authority (IANA). These include .com, .net, .edu, .org, .biz and a host of others. This is because an individual company that holds a TLD could fold at any time and the TLD with it.

Take the case of .md – It was a TLD held by an independant company from 1995 – 2003. On May 20th, 2003, the IANA was informed that the parent company – dot MD, LLC – fell under chapter 11 bankruptcy. The TLD was in flux for a while, but eventually became sponsored (which is all you can ever do for a TLD) by MoldData.

In the case of .md, health care or those in Moldova, would use this TLD. If this was a TLD that really didn’t work for a country or a profession (let’s say .qq), it would have most likely been disbanded unless a new sponsor was found. Also, unless you were a doctor or one of 3.5 million residents of the country, this TLD would show small risk for malware.

The top 3 on McAffee’s list – .CM, .COM and .CN. The 3rd is the People’s Republic of China, but what’s more interesting is the fact that if you accidentally mistype, you could easily go to google dot cm or google dot cn.

McAffee stated in their report that 5.8% of all domains showed risk. Up from last years’ 4.1%. Seven of the twenty riskiest TLDs were in the Asia – Pacific region. .CM came in with a risk level of 36.7%, .com was at 32.2% , .cn was 23.4% and .info was at 15.8%.

On a good note, Hong Kong dropped from the top 10 in 2008 to 34th place. Therefore, some TLDs are doing a lot to make their areas of the web a little safer. Congrats .hk.

On the other end of the spectrum, .gov (Government), .jp (Japan), .edu (Education), .ie (Ireland) and .hr (Croatia) are the least risky. It makes perfect sense with .gov and .edu – because you need to be in government or education to have the TLD. However, Japan, Ireland and Croatia were a surprise – especially since with Ireland you can easily make words out of the TLD, like Carr.ie, bird.ie, coll.ie, yupp.ie and microsoft.ie (could point to MS’s Internet Explorer website).

McAffee checked sites on each TLD for Viruses, spyware and what they call “Potentially unwanted programs (PUPs). Overall, malware downloads decreased slightly in this last year. 2009 showed a 4.5% risk of downloads as opposed to 4.7% in 2008. Romania (.ro) topped the charts with 21% risk. .info had 17.2% risk for email malware.

Still, out of 27 million domains, only 5.8% had risk to them. It’s still up from 4.1% of 2007 and 2008, but McAffee did mention they changed their methodology to the report to show the 5.8%. They also mentioned that there are still “Hidden risks” out there that McAffee is determined to find.

So before you buy your next domain, check out the .pdf. It’s a pretty informative document on not only which top level domains are risky, but who your giving your money to. Did you know that .ly is the ccTLD (country code Top Level Domain) for Lybia? Did you also know that if you buy a .ly that you are helping the sponsor – General Post and Telecomunications Company?

Not to say it’s a bad thing, but it’s definitely something to think about.