Free domain names like fuel to malware fire


Cheap or free registration of new domain names drives the growth in Web sites used for spamming or hosting malicious software, according to research from McAfee Inc.

The study, released Monday, highlights continuing problems concerning how Web sites are registered and the ease with which bad actors can change Web sites to continue online scams.

McAfee analyzed 8.1 million of the world’s most trafficked Web sites registered on 265 top-level domains (TLDs), such as “.com” and “.biz” along with country-specific ones, such as “.jp” for Japan.

McAfee offers a free tool, SiteAdvisor, that determines if Web sites send spam, host bad programs or have excessive pop-ups. McAfee, which bought SiteAdvisor Inc. in April 2006, also offers a pay version with more advanced features.

Small islands with their own TLDs remain troublesome. For example, some 18.5 percent of Web sites registered under the “.st” TLD are considered “risky” for either spam or other malicious activity, McAfee said. The TLD belongs to Sao Tome and Principe, a country of two volcanic islands west of Gabon.

Tokelau (.tk), a territory of New Zealand in the south Pacific, and Niue (.nu), also in the south Pacific east of Tonga, give out domains for free. That’s good for scammers, who often need to register new domains as older ones are blocked by security software.

Niue also allows anonymous registration of Web sites. Nine years ago the country declared “no tolerance” policy against spammers, but McAfee said it wasn’t a deterrent.

The safest TLDs belong to countries with stronger registration rules. Japan, Ireland, Sweden and Finland require a local postal address, while businesses in Norway have to register with the government to get a “.no” domain. Consequently, McAfee found the lowest percentage of bad Web sites in those domains.

Australia and Canada, McAfee said, require a local contact for registration, which often deters spammer since registrations take more time.

The “.info” domain ranked first among generic TLDs for its percentage of risky sites, at 7.5 percent, McAfee said. The domain also hosts many Web sites that send “spammy” e-mail, the vendor said.

SiteAdvisor submits an e-mail address to Web sites and counts how many e-mails are received. Users have a 73.2 percent chance of receiving a spam e-mail by giving their address to a random “.info” site, McAfee said.

The “.com” domain — created in the 1980s — came in second for risk, with 5.5 percent of its Web sites considered questionable, McAfee said.


Related Download
Improving the State of Affairs With Analytics Sponsor: SAS
Improving the State of Affairs With Analytics
Download this case study-rich white paper to learn why data management and analytics are so crucial in the public sector, and how to put it to work in your organization.
Register Now