Just like any city or town, the Web has parts — neighborhoods if you will — where dubious activities frequently take place: spam, scams, the distribution of potentially unwanted software (PUS), malware, botnets, phishing and other suspicious activity.
Enterprise security specialist Blue Coat Systems regularly analyzes hundreds of millions of Web requests from more than 15,000 businesses and 75 million users to track “shady activity” on the Web. In September, it released a list of the 10 top-level domains (TLDs) on the Web that are home to shady sites.
TLDs beyond the ubiquitous .com, .net and .org have begun to proliferate in the past several years, and they are often attractive to malicious actors because registering sites in those domains is often far less expensive than more well-known TLDs.
Blue Coat recommends that organizations take steps to protect themselves, including blocking traffic to the riskiest TLDs and cautioning users to be careful clicking on any links that contain these TLDs. It further suggests that users who unsure of a source hover their mouse over a link to help verify that it leads to the address displayed in the text of the link, or “press and hold” links on a mobile device to perform the same verification