Africa’s Cameroon (.cm) has overthrown Hong Kong (.hk) as the Web’s riskiest domain
PR: Africa’s Cameroon (.cm) has overthrown Hong Kong (.hk) as the Web’s riskiest domain, according to McAfee’s third annual Mapping the Mal Web report, released today. At the opposite end, Japan (.jp) is the safest country domain, landing in the top five safest domains for the second year in a row. The most heavily trafficked Web domain in the world, commercial (.com), jumped from the ninth to second most dangerous domain, while government (.gov) is the safest non-country domain.
“This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught. Last year, Hong Kong was the riskiest domain and this year it is dramatically safer,” said Mike Gallagher, chief technology officer for McAfee Labs. “Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught.”
Cameroon, a small African country that borders Nigeria, jumped to the number one spot this year with 36.7 percent of the .cm domain posing a security risk, but did not even make the list last year. Because the domain .cm is a common typo for .com, many cybercriminals set up fake typo-squatting sites that lead to malicious downloads, spyware, adware and other potentially unwanted programs.
Following aggressive measures from .hk’s domain managers to clamp down on scam-related registrations last year, Hong Kong fell 33 spots from the most risky domain in 2008 to the 34th most risky domain in 2009. Now only 1.1 percent of .hk sites pose a risk, whereas last year nearly one in five .hk Web sites were risky.
Among country domains, the People’s Republic of China (.cn) and Samoa (.ws) remained in the top five most dangerous places in the last two years.
Country Web Domains (ranked in most risky order) Overall Risk 2009 Overall Risk 2008
Cameroon (.cm) 36.7% n/a
PR of China (.cn) 23.4% 11.8%
Samoa (.ws) 17.8% 3.8%
Philippines (.ph) 13.1% 7.7%
Former Soviet Union (.su) 5.2% n/a
Country Web Domains (ranked in least risky order) Overall Risk 2009 Overall Risk 2008
Japan (.jp) .1% .1%
Ireland (.ie) .1% .3%
Croatia (.hr) .1% .5%
Luxembourg (.lu) .1% n/a
Vanuatu (.vu) .2% .9%
Additional findings from the 2009 Mapping the Mal Web report include:
• Of the 27 million Web sites and 104 top-level domains McAfee rated for this report, 5.8 percent pose a security risk – that is more than 1.5 million risky Web sites
• Sites registered to the Asia-Pacific Web domains are significantly riskier than the overall Web with 13 percent of sites posing a threat. This region includes the second riskiest domain with the People’s Republic of China (.cn), and also, ironically, the safest Web domain with Japan (.jp)
• Ireland (.ie) is Europe’s safest Web domain with only .1 percent risky sites
Using the award-winning McAfee® SiteAdvisor® technology and data from McAfee® TrustedSource™ technology, McAfee analyzed more than 27 million country and generic Web domains and calculated a weighted risk ratio. McAfee SiteAdvisor tests Web sites for browser exploits, phishing, excessive pop-ups and malicious downloads and gives sites that fail a rating. McAfee TrustedSource technology is a comprehensive Internet reputation system that analyzes Web traffic patterns, site behavior, hosted content, and more, to provide insight into site security risk.
“It’s not always easy for computer users to identify what’s safe and what’s not,” said Gallagher. “Reports like this and tools like McAfee SiteAdvisor, which is incorporated into all of McAfee’s consumer security suites, can be the compass people need to navigate the Web.”
McAfee security experts urge consumers to buy comprehensive security software such as McAfee® Total Protection, McAfee® Internet Security and McAfee® VirusScan® Plus, and keep their subscriptions current. McAfee SiteAdvisor is incorporated in each of McAfee’s product suites, so consumers can practice safe surfing through intuitive red, yellow and green rating icons to indicate a Web site’s risk level and reputation before the site is even accessed.
For more information on McAfee’s 2009 Mapping the Mal Web report including the full report, please visit: http://us.mcafee.com/en-us/local/docs/Mapping_Mal_Web.pdf