In the early days of the internet, there were only a handful of common top-level domains (TLDs)—the last part of the web address, such as .com, .net, .org, .edu, .gov or country-specific codes like Japan’s .jp.
Now, there are more than a thousand. But some of these domains are riskier than others. Security firm Blue Coat found that many TLDs are being used to conduct phishing attacks and scams and distribute spam and malware.
The top 10 TLDs with the highest percentage of suspicious websites include: .zip, .review, .country, .kim, .cricket, .science, .work, .party, .gp and .link. In all cases, 96% or more of the sites found in these domains were suspected of being home to malicious activity. For the top two—.zip and .review—100% of the sites were considered suspicious.
In order to minimize the risk, Blue Coat advised companies to block traffic to the most dangerous TLDs and cautioned users to be vigilant about what links they click.