ICANN new generic Top Level Domains logo

Could It Be? Study Finds 95% Of Websites In 10 New gTLDs Suspicious.

ICANN new generic Top Level Domains logoA study from Blue Coat Systems claims that more than 95 percent of websites in ten TLDs, including nine new gTLDs, are rated as suspicious, with that percentage increasing to 100 percent for the top two highest ranking TLDs, .zip and .review.

Blue Coat Systems claims to be a market leader in enterprise security. In their study they analysed hundreds of millions of Web requests from more than 15,000 businesses and 75 million users to create “The Web’s Shadiest Neighborhoods,” a new report that combines research with tips and tricks for Web users and enterprise security and IT departments looking to avoid viruses and other malicious activity. And they hope drums up some business. For their research, Blue Coat counted a domain as “shady” if it was rated in its database with a category such as spam, scams or suspicious, for the most common malicious activities and malware, botnets and phishing for the less common malicious activities.

Apart from .zip and .review, the study looked at .country (which had 99.97% of shady sites), .kim (99.74%), .cricket (99.57%), .science (99.35%), .work (98.20%), .party (98.07%), .gq (Equatorial Guinea – 97.68%) and .link (96.98%).

It’s a rather strange selection of gTLDs with only four in the top 20 of the new gTLDs when it comes to registration numbers – .science (3rd), .party (7th), .link (8th) and .work (13th).

And it includes backend registry services provided by Neustar ,Uniregistry, Minds + Machines, Google and Afilias. All big players. It all sounds a bit dubious.

Blue Coat say that the percentages are based on categorisations of web sites actually visited by their 75 million users. A TLD having 100 percent shady sites correlates to sites categorised by Blue Coat.

The report also reveals examples of nefarious activity taking place on shady websites of some of the top ranked Shady TLDs, including the fourth most seemingly dangerous neighbourhood, .kim. Blue Coat researchers recently discovered websites serving up pages which mimic popular video and image sites and prompt unprotected visitors to unwittingly download malware.

“Due to the explosion of TLDs in recent years, we have seen a staggering number of almost entirely shady Web neighbourhoods crop up at an alarming rate,” said Dr. Hugh Thompson, CTO for Blue Coat Systems. “The increase in Shady TLDs as revealed by Blue Coat’s analysis is in turn providing increased opportunity for the bad guys to partake in malicious activity. In order to build a better security posture, knowledge about which sites are the most suspicious, and how to avoid them, is essential for consumers and businesses alike.”