Friday 15 July 2022

This blog looks at the dubious awards for worst domain spaces across Malware, Phishing Attacks and Spam. Not all domain spaces are designed to be good.

Domain Tools recently released its spring report, Internet Scale Patterns in Malicious Infrastructure that analyzed the prevalence of phishing, malware and spam compared to the number of domains registered.

Not surprisingly the domain name spaces that were cheap or are given at no cost are the worst offenders in each of the three categorize studies: phishing, malware and spam.  The same applies for SSLs, where cheap of free SSls are provided, bad actors favour them, for example, Let’s encrypt is a free SSL and shows up high in DomainTools’ badness reports for SSL certificates.

Top Phishing Domain Spaces

Phishing Following are the top ten TLDs ranked by signal strength for phishing. The domain spaces .buzz, .rest, .ml, .top, .monster, and .cyou were all in the previous Top 10 list for phishing. .buzz more than doubled the dodgy signal strength than any other TLDs.  Top 10 Phishing domain name spaces were:

1.buzz
2.gq
3.ga
4.rest
5.ml
6.top
7.cf
8.monster
9.cyou
10.quest

Top Malware Domain Spaces

Sorry, .xyz, but your reputation in the infosec community is what it is for a reason. In the Malware category, we observed over 323,000 domains in .xyz, a significant uptick from its previous showing of a still-substantial ~207,000.

Top 10 Malware domain name spaces were:

  1. .xyz
  2. .cc
  3. .buzz
  4. .cfd
  5. .cyou
  6. .top
  7. .gq
  8. .bar
  9. .ga
  10. .monster

Top Spam Domain Spaces

Among TLDs with the highest signal strength for spam, .cam made a major jump, from the 8th position to 1st. TLDs repeating from last time were .cam, .bar, .surf, and .xyz. Another data point that stands out about .xyz is its high overall count of spam domains, with almost 56,000 as of our snapshot time.

Top 10 Spam domain name spaces were:

  1. .cam
  2. .bar
  3. .surf
  4. .xyz
  5. .click
  6. .top
  7. .tk
  8. .ml
  9. .ga
  10. .cf

About brandsec

Brandsec is a corporate domain name management and brand protection company that looks after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.

 

RELATED POSTS

2022-07-16T07:42:39+00:00

Contact Us

Contact us today and we will endeavour to answer your query as soon as possible

Send us a Message

    Contact Information

    Go to Top