Krebs on Security: Bad .Men at .Work. Please Don’t .Click. “Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online. Not that there still aren’t a whole mess of nasty .com, .net and .biz domains out there, but relative to their size (i.e. overall number of domains) these newer TLDs are far dicier to visit than most online destinations.”
GoDaddy has launched a search engine for emoji domain names. “Technically, emoji domains have been around for years. GoDaddy provides a timeline on its search site. But they were difficult to search for and required some understanding of how the domain name system handles characters. (If ASCII or Punycode mean anything to you, you probably already knew about emoji-based domains.) GoDaddy’s site aims to make it easy for anyone with a phone to find available emoji domains.”
A new technique hopes to detect malicious Web sites as early as when the domains are registered. “Malicious websites promoting scams, distributing malware and collecting phished credentials pervade the web. As quickly as we block or blacklist them, criminals set up new domain names to support their activities. Now a research team including Princeton University computer science professor Nick Feamster and recently graduated Ph.D. student Shuang Hao has developed a technique to make it more difficult to register new domains for nefarious purposes.”
Google has open-sourced its domain registry platform. “Nomulus is the platform it uses to manage all the registration data for domains that fall under its TLDs (think blog.google). Among other things, this platform handles all of the requests to buy, renew and transfer domains. While you may be buying a domain name from GoDaddy, for example, you’re really just using GoDaddy as an intermediary between you and the TLD’s owner.”
Oh boy, I’ve been worried about this: spammers are exploiting .gov domains. “Spam purveyors are taking advantage of so-called ‘open redirects’ on several U.S. state Web sites to hide the true destination to which users will be taken if they click the link. Open redirects are potentially dangerous because they let spammers abuse the reputation of the site hosting the redirect to get users to visit malicious or spammy sites without realizing it.”
What are the worst Top-Level Domains (TLDs) for malware? You’ve probably never heard of them. “Spamhaus, an organization that monitors spam, botnet and malware activity on the Internet, has published a list of the world’s top 10 ‘worst TLDs’ on Saturday. What’s interesting is that the list is not based on the overall number of abusive domains hosted under a TLD, but on the TLD’s ratio of abusive domains compared to legitimate ones.”