McAfee maps risky Web domains

Russia and Romania are the countries with domains most likely to host 'drive-by' exploits

A map unveiled today by McAfee Inc. and based on data from its SiteAdvisor service paints Russia and Romania deep red as the countries whose domains are most likely to host "drive-by" exploits.

McAfee SiteAdvisor, a free-of-charge plug-in for Internet Explorer and Firefox, rates sites on several criteria, including dangerous downloads, spam tendencies and hosted exploits. It then posts green, yellow and red icons on search results obtained from Google, Yahoo or MSN.

McAfee applied the results of its site scanning to come up with the Flash-based map, which will be updated monthly.

"When it comes to safety, it turns out that the Web is no different than the physical world. There are safe neighborhoods and safe Web domains, and then there are places no one should ever visit," said Mark Maxwell, a McAfee senior product manager, in a statement.

Of the major top-level country domains, 5.6% of the sites in Romania (.ro) and 4.5% of those for Russia (.ru) were among the riskiest, said McAfee. The two nations also placed second and third, respectively, in the percentage of their country domains that host malicious code.

The world's riskiest country domain was .tk, for Tokelau, a three-atoll group of islands in the South Pacific formerly known as the Union Islands. More than 10% of the .tk domains are pegged as dangerous, and it leads all others in the percentage of sites that harbor exploits.

Of all the generic domains -- .biz, .com, .edu, .gov, .net, .org and .info -- the last is easily the riskiest to visit, said McAfee. Approximately 7.5% of .info sites are rated as dangerous. In comparison, .com comes in at 5.5% and .net at 4.4%. The .edu and .gov domains are the safest, with 0.3% and 0%, respectively, of sites seen as risky.

Low- or no-cost domain registration and minimal domain oversight appear to drive at least some of the higher levels of risk found at some top-level domains, said McAfee. One reason that the .biz domain may be preferred by spammers, the security vendor said, is that those domains are available immediately; most others impose a 24-hour waiting period. According to the SiteAdvisor data, 13.2% of .biz domains will send large numbers of unsolicited e-mails to users who register at its sites.

The five safest country domains to visit are Finland (0.10%), Ireland (0.11%), Norway (0.16%), Iceland (0.19%) and Sweden (0.21%).

The .us domain is ranked 20th overall, with a risky-site percentage of 2.1%. The U.S.'s country domain, however, is used much less in the U.S. than the riskier, generic .com domain.

Because of its popularity, the .com domain accounts for an overwhelming majority of all click-on sites marked with red or yellow icons by SiteAdvisor. Last month, 86.6% of all risky clicks were to .com sites.

Copyright © 2007 IDG Communications, Inc.

Shop Tech Products at Amazon