Almost every one of the hundreds of thousands of websites in 10 top-level domains, including all of those under dot-review and dot-zip, is malicious, according to research.
More than 95 per cent of the hundreds of thousands of websites in each of ten top-level domains (TLDs), including dot-country, dot-cricket, dot-science, and dot-party, are flogging spam, malware or adware.
The shocking findings, published by security firm Blue Coat, were part of a review canvassing millions of websites requested by its clients, which comprise 15,000 businesses and 75 million global users.
"Most of these websites are being leveraged by attackers in spam and scams and to distribute potentially unwanted software," the Blue Coat study Do Not Enter said.
"Others are related to search engine optimisation positioning or other 'junk sites' that would be classified as suspicious."
The research added: "Businesses should consider blocking traffic to dot-work, dot-gq, dot-science, dot-kim and dot-country [and] the remaining five TLDs in the top 10 shadiest TLDs list deserve similar consideration."
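One way to audit proxy logs against the five TLDs the report names before turning on a block, as an added example that is not from Blue Coat or this article; the log format, function names and hostnames are assumptions constructed for illustration. It matches on the final DNS label only, so a `science.example.com` host or a `/work` path on an IP address is not flagged.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# The five TLDs the quoted report suggests blocking outright.
BLOCKED_TLDS = {"work", "gq", "science", "kim", "country"}
_SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://")

def tld_of(target):
    """Return the lowercase TLD of a URL or host[:port]; None for IPs and single labels."""
    if not _SCHEME.match(target):
        target = "//" + target          # make urlsplit treat a bare host as the netloc
    try:
        host = urlsplit(target).hostname
    except ValueError:                  # malformed bracketed host
        return None
    if not host:
        return None
    host = host.rstrip(".").lower()     # a trailing root dot does not change the name
    try:
        ipaddress.ip_address(host)
        return None                     # IP literals have no TLD
    except ValueError:
        pass
    return host.rsplit(".", 1)[1] if "." in host else None

def flag_requests(log_text):
    """Return (client, target, tld) for each request to a blocked TLD.
    Assumed log format (hypothetical): timestamp client method target."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        _, client, _, target = parts
        tld = tld_of(target)
        if tld in BLOCKED_TLDS:
            hits.append((client, target, tld))
    return hits

# Constructed sample log; hostnames and addresses are made up for illustration.
SAMPLE_LOG = """\
2015-09-01T10:00:01Z 10.0.0.5 GET http://constructed-a.country/watch?id=1
2015-09-01T10:00:02Z 10.0.0.5 GET http://science.example.com/paper
2015-09-01T10:00:03Z 10.0.0.9 CONNECT constructed-b.gq:443
2015-09-01T10:00:04Z 10.0.0.9 GET http://192.0.2.7/work
2015-09-01T10:00:05Z 10.0.0.7 GET http://Constructed-C.WORK./apply
"""

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print(hit)
```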
Examples of the sites showed basic scams, such as shock sites that foisted malware or surveys on victims who attempted to view bogus videos.
Malware and bots are not frequently slung on the shady sites. The reasons for this were not explained in the report.
Some TLDs have been considered safe, however, including dot-sucks – which demands up to a $2,000 annual registration fee – something that apparently prices scammers out of the market.
The dot-mil military TLD clocked the smallest proportion of shady sites at 0.24 per cent. The dot-London TLD also featured in the list, with bad sites making up 1.85 per cent of its registered total.
Blue Coat warned that smaller players operating TLDs, like dot-ck for the Cook Islands, may lack the resources to maintain their current safe standing.
TLD operators need to pay the Internet Corporation for Assigned Names and Numbers (ICANN) $185,000 for the privilege of operating a registry, and must demonstrate the means to run it.
There were no requirements to scrutinise domain buyers, which creates the opportunity for abuse, Blue Coat said.