There were many who warned that the Internet Corporation for Assigned Names and Numbers’ (ICANN) decision to allow a host of new commercial generic top-level Internet domains was going to create a huge opportunity for Internet scammers and hackers. The approval of top-level domains (TLDs) beyond those assigned to countries and generic ones such as .com, .org, and .net created an opportunity, some in the security industry warned, for criminals to set up “look-alike” domains in the new namespace that aped legitimate sites already registered in .com or elsewhere.
Well, the warnings were spot-on. Based on data just published (PDF) by the network security and deep packet inspection tool vendor Blue Coat, that’s exactly what happened: some of the new “neighborhoods” open for name registration have become almost exclusively the domain of people setting up hosts for spam e-mailing, scams, shady software downloads, malware distribution, botnet operations and “phishing” attacks, or other suspicious content. One hundred percent of sites accessed with the .zip and .review TLDs that had been scanned and added to Blue Coat’s domain database were classified by Blue Coat’s researchers as “shady.”
Of course, these rankings may be distorted by the fact that there are so few records in Blue Coat’s database for these domains—.zip isn’t even officially available yet from domain registrars, so it’s not clear how there were any records for it at all.

Update: A Google spokesperson (and many others) reached out to Ars to point out that .ZIP has never been publicly released, which we noted earlier. The only site currently sporting an actual .zip domain is Google’s site advertising the TLD. A Blue Coat spokesperson pointed to a blog post from the company today that clarifies how .zip got on the “shady” list: