Blue Coat says the figure rises from 95% to 100% for the top two highest ranking TLDs - .zip and .review.
The security company says it has analysed hundreds of millions of Web requests from more than 15,000 businesses and 75 million users to create its ‘The Web’s Shadiest Neighbourhooods’ report.
The security vendor has combined its research report with tips and tricks for Web users and enterprise security departments looking to avoid viruses and other malicious activity.
Most Common Malicious Activity Less Common Malicious Activity
Potentially Unwanted Software (PUS)
The report also reveals examples of what Blue Coat calls “nefarious activity” taking place on “shady websites” of some of the top ranked Shady TLDs, including the fourth most seemingly dangerous neighbourhood - .kim.
And, Blue Coat’s Web Top 10 ‘TLDs with Shady Sites’ are:
Rank Top-Level Domain Name Percentage of Shady Sites
#1 .zip 100.00%
#2 .review 100.00%
#3 .country 99.97%
#4 .kim 99.74%
#5 .cricket 99.57%
#6 .science 99.35%
#7 .work 98.20%
#8 .party 98.07%
#9 .gq (Equatorial Guinea) 97.68%
#10 .link 96.98%
These percentages are based on categorisations of websites actually visited by Blue Coat’s 75 million users, with a TLD having 100% shady sites correlating to sites categorised by Blue Coat.
According to Blue Coat, its researchers recently discovered websites serving up pages which mimic popular video and image sites and prompt unprotected visitors to unwittingly download malware.
“Due to the explosion of TLDs in recent years, we have seen a staggering number of almost entirely shady Web neighbourhoods crop up at an alarming rate,” said Dr. Hugh Thompson, CTO for Blue Coat Systems.
“The increase in Shady TLDs as revealed by Blue Coat’s analysis is in turn providing increased opportunity for the bad guys to partake in malicious activity.
“In order to build a better security posture, knowledge about which sites are the most suspicious, and how to avoid them, is essential for consumers and businesses alike.”
Blue Coat has advice for organisations and consumers looking to safeguard themselves against these “shady TLDs, saying they can draw key lessons from the report to inform and strengthen their security posture, including:
• Businesses should consider blocking traffic that leads to the riskiest TLDs. For example, Blue Coat has previously recommended that businesses consider blocking traffic to .work, .gq, .science, .kim and .country
• Users should use caution to click on any links that contain these TLDs if they encounter them in search results, e-mail, or social network environments
• If unsure of the source, hover the mouse over a link to help verify that it leads to the address displayed in the text of the link
• “Press and Hold” links on a mobile device (not just click) to verify it leads where it says it does.