Menu
Maintainers of new generic top level domains have a hard time keeping abuse in check

Maintainers of new generic top level domains have a hard time keeping abuse in check

For some new gTLDs the ratio of malicious domains is almost 80 percent, Spamhaus says

Generic top-level domains (gTLDs) that have sprung up in recent years have become a magnet for cybercriminals, to the point where some of them host more malicious domains than legitimate ones.

Spamhaus, an organization that monitors spam, botnet and malware activity on the Internet, has published a list of the world's top 10 "worst TLDs" on Saturday. What's interesting is that the list is not based on the overall number of abusive domains hosted under a TLD, but on the TLD's ratio of abusive domains compared to legitimate ones.

Over the years, lists of spam-friendly top level domains have typically had .com, .net and .org at the top. However, a TLD's trustworthiness ultimately relies on the ability of the organization that manages it -- known as the registry -- to police its name space and to enforce rules for its resellers, the registrars.

If, for example, 1 percent of all .com domains were used for malicious activity, one could say that the .com registry, Verisign, is doing a relatively good job at keeping the abuse rate down. The problem is that because the .com TLD is so large, its 1 percent might represent more malicious domains than in a much smaller TLD where the rate of abusive domains is actually 50 percent.

Therefore, comparing good-vs-bad ratios is a better way to determine which registries care more about their TLDs' reputation, something that ultimately affects their legitimate customers.

"Spam and other types of abuse continue to plague the Internet because bad actors find it very cheap and very easy to obtain thousands of domain names from the Top Level Domain registries and their resellers, the registrars," Spamhaus said in a blog post. "A few registrars knowingly sell high volumes of domains to professional spammers for profit, or do not do enough to stop or limit spammers' access to this endless supply of domains. These registrars end up basing their entire business model on network abuse."

Based on Spamhaus' data, some of the generic TLDs that have been created in recent years thanks to ICANN's relaxed policies are not doing enough to stop abuse. This could be either because they're inexperienced at tackling such issues or because they care more about revenue than a clean Internet.

At this time, Spamhaus' 10 Worst Top Level Domains list looks like this: .download with 76 percent bad domains; .review with 75.6 percent bad domains; .diet with 74.3 percent bad domains; .click with 72.4 percent; .work with 65 percent; .tokyo with 51 percent; .racing with 50.8 percent; .science with 49.9 percent; .party with 45.3 percent and .uno with 42.5 percent.

Some TLD owners claim that it's up to resellers to deal with cases of domain misuse and policy violations, but if they don't force those resellers to take action, nothing will change, Spamhaus said. "A good number of the TLDs succeed in keeping spammers off their domains and work to maintain a positive reputation; this shows that, if they wished to, any TLD registry can 'keep clean'."

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

With New Zealand businesses now open to innovation, the industry sits on the cusp of significant disruption in the data centre. Driven by software-defined networking, the future of the data centre is fast becoming reality, as the channel seeks to keep up, keep innovating and keep growing. APC by Schneider Electric, Lenovo and key partners outlined how the channel can capitalise at The Grill restaurant in Auckland.

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​
Show Comments