McAfee classifies the riskiest domains on the Internet

June 8, 2008

McAfee has released a comprehensive map of malicious web sites across the Internet. They compared the ratings of web sites found in each of the 265 country and generic Top Level Domains (TLD), by testing for a wide variety of unwanted behaviors such as web sites that engage in drive-by downloads, host malware, engage in phishing scams, deliver excessive pop-ups, and spam submitted e-mail addresses. Among the findings:1

* Overall risk in 2008 remains roughly constant compared to 2007.

* Honk Kong (.hk) soared in 2008 to become the most risky country TLD, with 19.2 percent of all sites tested rates red or yellow. China (.cn) was second with 11.8 percent.

* Romania (.ro) and Russia (.ru) continue to be risky surfing destinations; 6.8 percent of Romanian and 6.0 percent of Russian domains are rated risky.

* The most risky generic TLD remains .info, with 11.7 percent of all sites tested rated red or yellow. The most popular domain, .com, is rated ninth riskiest overall with 5.3 percent, and is the fourth riskiest generic TLD.

* The five least-risky TLDs are Slovenia (.si), Norway (.no), Japan (.jp), Governmental (.gov) and Finland (.fi) each with 0.2 percent or fewer domains rated risky (.fi and .gov being the lowest at 0.05 percent each).

One of the main reasons for a given TLD's popularity among scammers is cost. In McAfee's first Mapping the Mal Web study last year, the Tokelau (.tk) domain was rated the most risky. At the time domain registration there was free. The tiny island of 1,500 inhabitants sold its TLD to a Dutch entrepreneur and the fees from the sale generate 10 percent of the island's GDP. McAfee's report last year spurred Dot TK, the country's TLD manager, to reexamine its policies. The registrar installed software designed to weed out scam registrations, and they no longer offer unlimited free anonymous registration, with only URL and e-mail forwarding remaining free.1

According to McAFee's results, these changes are working. The amount of risky Tokelauan web sites dropped from 10.1 percent to 1.43 percent.1

McAfee's 14 page "Mapping the Mal Web, Revisted" report can be downloaded here.

1. "Mapping the Mal Web, Revisited", McAfee, June 4, 2008