Risk level of domain name
There are various evaluation methods, even if it says “risk” of the domain name. For example, when you look at a domain name as a string, whether or not it is dangerous is the danger of the meaning of the string itself, and the misunderstanding with other strings. This is related to the risk of domain name disputes.
However, the evaluation of domain names announced by McAfee Inc. this time was evaluated from the perspective of security risk, including how to use domain names.
Although domain names are used as website URLs and email addresses, there are various security risks in these areas. Phishing sites and malicious websites that download programs such as malware are also major social problems. Also, there are various dangers in emails, such as spam emails, fraudulent emails, and emails trying to guide malicious websites.
The relationship between security risks and domain names used in them has been investigated and analyzed, and evaluations by top level domain (hereinafter referred to as TLD) have been announced this time. In a nutshell, we are evaluating that “the websites using this TLD have many dangerous sites and the ones using this TLD are few” (of course, the TLD It doesn’t mean that every website you use is dangerous.)
The survey is the third in 2009, and according to the 2009 survey, McAfee has tested more than 27 million domain names worldwide. Let’s take a look at the contents.
Dangerous TLD and Safe TLD
The announcement by McAfee is in the form of “risk ranking”. Table 1 shows the top 10 people from the highest risk.
GTLDs such as “.com”, “.net” and “.info” are rated as high risk. The risk ranking No. 1 “. Cm (Cameroon)” is a TLD different from “. Com” by one letter, so it aims at so-called typo squatting that guides the user who made the mistake input to another website. Seems to have many domain names. Also, the website is often malicious, and the rate at which it was rated high was 69.7%.
From a different perspective, Table 2 shows 10 TLDs extracted from the bottom of the risk ranking. In other words, this is a “low risk ranking” and can be called a “safe TLD ranking”.
Japan’s ccTLD “. Jp” is the second from the lowest in the risk ranking. In other words, it is rated as the second most secure TLD in the world. The safety ranks first because “.gov” of the US government and third place is “.edu” of the US educational institution. You can also say that the safest thing in ccTLD is “.jp”. In this survey, nearly 400,000 “.jp” websites were tested, and about 0.1% of them were rated as high risk.
Factor of difference in degree of danger
By the way, what kind of factor causes such a difference in the degree of risk? I think this can be understood from the perspective of operating a malicious website. Let’s come to a minute.
The most important thing is that it is difficult to identify your identity. After all, I’m trying to do something bad. When registering a domain name or using a website, it is better to save your information as much as possible. In addition, it is convenient if it is a service that can pass even the information of “a lie” at that time. If it can be used from abroad, it will be less likely to be tracked.
Second, cost is low and procedure is easy. Malicious site operation is not very effective with one or two. It is important to operate many sites at once, operate for a short period of time, and withdraw after a while. We use a lot, so the cost of using domain names and websites is better. Also, it is desirable that the procedure be as simple as it can be mechanized.
If you think about it a bit, you can see what domain names and website services are good for malicious publishers. Those that apply to such conditions will be ranked high in the risk ranking. Conversely, things that do not apply to this rank high in safety rankings.