Cameroon Is Most Dangerous Web Domain, Says McAfee

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved,

Attackers are using Cameroon’s .cm domain name as part of typo-squatting schemes to infect users with malware, according to McAfee’s Mapping the Mal Web report

McAfee’s list of the most dangerous web domains has a new leader.

Africa’s Cameroon (.cm) domain has taken the top spot from Hong Kong (.hk) as the riskiest domain on the web, according to McAfee’s third annual Mapping the Mal Web report (PDF).

Japan (.jp) was found to be the safest country domain, and ranked among the top five safest domains for the second year in a row. The .com domain, which is the most heavily trafficked web domain in the world, jumped from ninth place to second on the most dangerous list while .gov was found to be the safest non-country domain on the web.

The rankings were made based on a number of factors, including data from McAfee SiteAdvisor on browser exploits, downloads and excessive pop-ups.

“This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught,” said Mike Gallagher, chief technology officer for McAfee Labs, in a statement. “Last year, Hong Kong was the riskiest domain and this year it is dramatically safer. Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught.”

Cameroon carried a risk rating of 36.7 percent – meaning there is a 36.7 percent chance that a .cm site will be malicious. Interestingly, the domain did not even make the list last year. According to McAfee, attackers are taking advantage of the fact that .cm is a common typo for .com, and are setting up fake typo-squatting sites that lead to malicious downloads.

Hong Kong, the former No. 1 on the list, is now the 34th most risky domain due to a clamp down on scam-related registrations last year, according to McAfee. Now just some 1.1 percent of .hk sites pose a risk, whereas last year the number was nearly 20 percent.

Of the 27 million websites and 104 top-level domains McAfee rated for the report, 5.8 percent, or more than 1.5 million, pose a security risk.

The .cn ( China) and .ws ( Samoa) domains have been among the top five most dangerous places the last two years, and this year had a weighted risk of 23.4 percent and 17.8 percent, respectively. The four safest domains belonged to Japan (.jp), Ireland (.ie), Croatia (.hr) and Luxembourg (.lu), which each had a weighted risk of 0.1 percent.