The new internet domains are a wasteland

Spammers and malware attackers have taken over the new DNS top-level domains

The new internet domains are a wasteland

The many new DNS top-level domains (TLDs) were heralded as a way to take pressure off the older DNS TLDs. It seems, however, the new TLDs are almost uniformly the source of spammers and malware launchers.

There might be valid web resources in the new TLDs. They seem rarely referenced beyond a handful of sites, though, as .com, .org, .net and even .co have common usage aside from country-specific addresses such as .us, .uk, .de, .jp, etc.

But .xyz? Spam. I get about four dozen spam emails from that domain most days. The .click TLD? I’ve gotten about 400 embedded malware emails from there so far this year. Then there’s .racing, .website and dozens of other new TLDs that are nothing more than difficult-to-block and nearly-impossible-to-kill spam/malware sources. It’s frustrating, and admins don’t have much chance to stanch the spam.

How does one send abuse reports?

Don’t try. No one cares.

Behind the registrars are fleets of message sources, all waiting for your users to click. Some users will be sucked in by persuasive phishing attempts, while others will really want that new woodworking manual.

Some of the phishing attempts using the new domains are really good and seductive, while others are beyond obvious. But consider many people have cloudy minds, especially before their first cup of coffee, and don’t pick up on phishing clues. We call them hacked.  

Block the new domains

Spam filters are one option to prevent infection from emails using those domains. While filters can be hit or miss, we’ve had luck automatically filtering these domains, not one which have had a single genuine email: .xyz, .domain, .website, .info, .review, .club, .date., .racing, .download, .top, .gdn, .bid, .museum, .mobi and .stream.

There are more, of course.

Consider also blocking countries from where you do no business. I’ll leave these up to you. Look at the long list of TLDs to decide which ones make zero sense to your organization. You can also decide what to block from the constantly updated IANA list.

P.S. While I was writing this post, I received 29 junk emails.

Copyright © 2016 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022