.CM Named Most Dangerous TLD, .JP the Safest, by McAfee

Cameroon’s ccTLD (.CM) is the most dangerous TLD when it comes to malicious websites according to McAfee’s third annual Mapping the Mal Web report released this week.

[note: the report has been taken down from the McAfee website]

.CM overtook .HK (Hong Kong) as the riskiest domain. The safest TLD was .JP (Japan), being among the five safest TLDs for five years running..COM, the largest TLD in the world, jumped from the ninth to second most dangerous domain, while .GOV (government) is the safest non-country domain.

McAfee rated 27 million websites and 104 top level domains for their report and found 5.8 per cent posed a security risk, or more than 1.5 million risky websites.

The ccTLDs (country code Top Level Domains) ranked the most risky following .CM were .CN (China – 23.4%, up from 11.8% in 2008), .WS (Samoa – 17.8%, up from 3.8%), .PH (Philippines – 13.1%, up from 7.7%) and .SU, the ccTLD for the former Soviet Union with 5.2 per cent of .SU websites classified as risky with no ranking in 2008.

Cameroon, a small African country that borders Nigeria, jumped to the number one spot this year with 36.7 per cent of the .CM domain posing a security risk, but did not even make the list last year. Because the domain .CM is a common typo for .com, many cybercriminals set up fake typo-squatting sites that lead to malicious downloads, spyware, adware and other potentially unwanted programs.

A big improver this year was .HK (Hong Kong) following aggressive measures from the registry to clamp down on scam-related registrations last year, Hong Kong fell 33 spots from the most risky domain in 2008 to the 34th most risky domain in 2009. Now only 1.1 per cent of .HK sites pose a risk, whereas last year nearly one in five .HK web sites were risky.

The safest ccTLDs following .JP and rounding out the top five were .IE (Ireland), .HR (Croatia), .LU (Luxembourg) all with 0.1 per cent of websites with the various ccTLDs rated risky and then .VU (Vanuatu – 0.2%). All ccTLDs had less than one per cent of websites with the various domains rated risky in 2008.

Sites registered to the Asia-Pacific domains are significantly riskier than the overall web with 13 per cent of sites posing a threat. This region includes the second riskiest domain, .CN, and also, ironically, the safest with .JP..IE is Europe’s safest domain with only 0.1 per cent risky sites.”

This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught. Last year, Hong Kong was the riskiest domain and this year it is dramatically safer,” said Mike Gallagher, chief technology officer for McAfee Labs. “Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught.”

As a guide, ccTLD domains from developing or less developed countries tended to be more risky than those from developed countries.

The report aims to help identify potentially risky TLDs, outlining the world’s riskiest and safest in terms of whether they contain risky websites and malicious downloads or send out spam. McAfee state their goal in doing this research is to encourage registries and users to become better educated and more aware of risky sites as well as celebrating safer TLDs so that others can follow their best practices.For more information and to download the report in full, see:
us.mcafee.com/en-us/local/docs/Mapping_Mal_Web_Summary.pdf [summary]
us.mcafee.com/en-us/local/docs/Mapping_Mal_Web.pdf [full report]