The internet is made up of millions of websites, each identified by a top-level domain or TLD (Top-Level Domain), which is the final part of a web address, such as .com, .org, or .es. However, not all TLDs have the same usage or reputation. A recent report from Cloudflare Radar has identified which domains generate the highest amount of malicious emails and spam, posing a risk to internet users.
What does the report say?
Cloudflare Radar’s analysis is based on data from its cloud email security system, examining emails sent from these domains. The research has allowed for the identification of which TLDs appear most frequently in fraudulent messages, whether they are phishing attempts, malware, or simply mass spam emails.
Below are the TLDs that lead the ranking of the most used domains for these purposes.
Domains with the most malicious emails
Some domains are frequently used for fraudulent activities, such as online scams or the distribution of malicious software.
| TLD | Malicious Emails | Spam | Total |
|---|---|---|---|
| .hair | 95% | 5% | 99.7% |
| .pm | 83% | 16% | 99% |
| .xxx | 81% | 18% | 98% |
| .my | 69% | 9% | 78% |
| .pics | 58% | 42% | 99.6% |
| .today | 50% | 19% | 70% |
| .website | 48% | 2% | 50% |
| .autos | 41% | 59% | 99.3% |
| .tokyo | 40% | 42% | 82% |
| .tel | 37% | 4% | 41% |
Among these, the .hair domain records the highest percentage of malicious emails (95%), suggesting that it is used almost exclusively for fraudulent activities.
Domains with the Most Spam Emails
On the other hand, some domains do not display high levels of malicious content but are prolific in sending spam, indicating their use in unwanted or misleading advertising campaigns.
| TLD | Malicious Emails | Spam | Total |
|---|---|---|---|
| .wang | 0.2% | 99.1% | 99.3% |
| .ms | 0% | 94% | 94% |
| .productions | 0% | 94% | 94% |
| .help | 6% | 94% | 99.9% |
| .ir | 3% | 89% | 92% |
| .nu | 0.2% | 86% | 86% |
| .icu | 13% | 84% | 97% |
| .mobi | 12% | 82% | 94% |
| .as | 0% | 81% | 81% |
| .land | 17% | 81% | 98% |
The .wang domain stands out with a 99.1% of spam emails, making it a preferred option for sending unsolicited mass advertising.
Why are these domains more vulnerable to abuse?
There are several reasons why some TLDs are more affected by malicious emails and spam:
- Unrestricted registration: Some domains allow registrations without verification, making them easier to use for malicious purposes.
- Low or free cost: More affordable or free TLDs are more accessible to scammers and spammers.
- Less regulation and oversight: Some domains have less scrutiny from internet security authorities, making them havens for cybercriminals.
The Dangers of Malicious Emails and Spam
The use of these domains to send fraudulent emails poses a risk to internet users. Among the main dangers are:
- Phishing attacks: Emails trying to deceive users into stealing passwords or banking information.
- Malware distribution: Links or attachments that can install malicious software on the victim’s computer or mobile device.
- Online scams: Emails that promise fake prizes, fraudulent investments, or pyramid schemes.
How to Protect Yourself
To reduce the risk of being a victim of these malicious emails, experts recommend:
- Enable spam filters: Most email services have advanced options to detect spam.
- Do not click on suspicious links: If an email seems fraudulent, it is best not to open it or download attachments.
- Use cybersecurity solutions: Services like those offered by Cloudflare, Google, or Microsoft can help block threats.
- Set up security measures on email servers: Implementing authentication protocols like DMARC, SPF, and DKIM helps filter dangerous messages.
- Avoid interacting with unknown senders: If an email comes from an uncommon domain, it is best to ignore it.
Conclusion
The report from Cloudflare Radar highlights how certain top-level domains are being massively used to distribute spam and malicious content. While this doesn’t mean that all emails coming from these domains are dangerous, the high percentage of abuse advises taking extra precautions when interacting with them.
In a world where phishing and cyber fraud attacks are becoming increasingly sophisticated, being aware of these risks and adopting security measures is essential for protecting oneself online.
Source: Security News