It isn't fair to judge a book by its cover, but is it fair to judge a domain name by its TLD? Apparently it is, and a new report published
by McAfee confirms that certain TLDs are more dangerous to visit, on average, than others. In particular, they flagged 3 TLDs as exceptionally dangerous, with two to three times the percentage of dangerous sites as others. McAfee lists the .hk, .cn and .info TLDs as the most dangerous, with .hk being the most dangerous of all. Of all the sites queried in .hk, more than 19% were flagged as dangerous or “potentially dangerous” (whatever that means), compared to 11.8% of .cn domains and 11.7% of .info domains. This is all compared to .com, which ranked at only 5% - but, as it is the most popular TLD, the numbers may be diluted.
McAfee sites lower fees and less strict requirements to acquiring some of the above mentioned TLDs as a reason why they are more likely to be used for malicious purposes. Considering how easy it is to register a .com, I wonder how much less strict the requirements could become. They also pinpointed “security lapses” in the systems of some registrars, which also contributed to the figures. They didn't mention specific names, however.
The “safest” TLDs probed were .gov, reserved for Government use, .jp, for servers based in Japan, and .au, for servers based in Australia. Perhaps the registrars for .hk should take notes from how they hand out domains.