Free domain names like fuel to malware fire

COMMENT ON THIS ARTICLE

Cheap or free registration of new domain names drives the growth in Web sites used for spamming or hosting malicious software, according to research from McAfee Inc.

The study, released Monday, highlights continuing problems concerning how Web sites are registered and the ease with which bad actors can change Web sites to continue online scams.

McAfee analyzed 8.1 million of the world's most trafficked Web sites registered on 265 top-level domains (TLDs), such as ".com" and ".biz" along with country-specific ones, such as ".jp" for Japan.

McAfee offers a free tool, SiteAdvisor, that determines if Web sites send spam, host bad programs or have excessive pop-ups. McAfee, which bought SiteAdvisor Inc. in April 2006, also offers a pay version with more advanced features.

Small islands with their own TLDs remain troublesome. For example, some 18.5 percent of Web sites registered under the ".st" TLD are considered "risky" for either spam or other malicious activity, McAfee said. The TLD belongs to Sao Tome and Principe, a country of two volcanic islands west of Gabon.

Tokelau (.tk), a territory of New Zealand in the south Pacific, and Niue (.nu), also in the south Pacific east of Tonga, give out domains for free. That's good for scammers, who often need to register new domains as older ones are blocked by security software.

Niue also allows anonymous registration of Web sites. Nine years ago the country declared "no tolerance" policy against spammers, but McAfee said it wasn't a deterrent.

The safest TLDs belong to countries with stronger registration rules. Japan, Ireland, Sweden and Finland require a local postal address, while businesses in Norway have to register with the government to get a ".no" domain. Consequently, McAfee found the lowest percentage of bad Web sites in those domains.

Australia and Canada, McAfee said, require a local contact for registration, which often deters spammer since registrations take more time.

The ".info" domain ranked first among generic TLDs for its percentage of risky sites, at 7.5 percent, McAfee said. The domain also hosts many Web sites that send "spammy" e-mail, the vendor said.

SiteAdvisor submits an e-mail address to Web sites and counts how many e-mails are received. Users have a 73.2 percent chance of receiving a spam e-mail by giving their address to a random ".info" site, McAfee said.

The ".com" domain -- created in the 1980s -- came in second for risk, with 5.5 percent of its Web sites considered questionable, McAfee said.

COMMENT ON THIS ARTICLE

Related Content

Why an $873-million court ruling won’t stop spam
A Montreal spammer has been ordered to pay an astronomical settlement fee to Facebook for illegally obtaining user login data and sending out millions of spam messages. But with little chance to collect, industry observers doubt the ruling with deter future cyber crime activities

Click here for your free Symantec spam report!!!!!!!
In its State of Spam report, Symantec says mass marketers took advantage of mail transfer agents to back scatter messages, while only a small minority sent zip files. The ruse of lottery winnings is popular as well.

'60s cheque forger turned security consultant, during his interview at Computerworld's Storage Networking World conference.
Is it really possible to develop anti-spam solutions for every spam trick? Almost certainly not. But, without the research that is being carried out today, spam might be a whole lot worse. Here is a list of a dozen research projects that focus on new technology and techniques to stop spam of all kinds. This list contains select papers made public at the Fourth Conference on Email and Anti-Spam (CEAS 2007). The President of CEAS is Gordon V. Cormack, Professor at the David R. Cheriton School of Computer Science at the University of Waterloo.