Skip to content ↓ | Skip to navigation ↓

One of last year’s articles on The State of Security helped to open up a largely neglected topic in the domain name industry. The author, David Bisson, pointed to the growing volume of suspicious TLDs and how this could become a serious threat to organizations registering both new and old TLDs.

With ICANN adding new TLDs at an average rate of one domain per day, the domain naming ecosystem is clearly expanding, which means we can expect to see a rise in the associated risks of cyber threats.

According to Bisson, the key question related to this trend is one concerning the ability of popular registries to handle increased amounts of domain name spam and to protect legitimate organizations. In order to secure all the users on a specific TLD, registries need extensive resources, stable infrastructure and strict regulations for purchasing individual domains.

Such policies, however, haven’t yet been instituted by too many registries. This is why a recent announcement by Domain .ME could be interpreted as another serious call for both registries and end-users to take this issue more seriously.

Healthy Domain Abuse Policies

Having recently announced one million users, Domain .ME drew attention to the ongoing lack of content quality regulations and domain abuse policies in a large part of the industry. Its references to the best practices for ensuring healthy domain name neighborhood echo Bisson’s question of the extent to which some registries are focused on fighting the problem.

Unlike some of its competitors, .ME has developed comprehensive policies for preventing domain name abuse in the form of spam, phishing, farming, fast flux hosting and many other practices that can harm the entire .ME environment. The policy reads:

“Domain Name abuses should not be tolerated and doMEn and its Registrars will take appropriate actions based upon such investigations when made by doMEn or in compliance with competent legal authority.”

Similar policies are outlined by major registries, such as Afilias, the owner of .info, .mobi and .blue; Public Interest Registry, which owns .org, .ngo, and .ong; and Radix, whose most popular domains are .website, .online, .tech and .press.

By instituting such policies, these registries have taken the first step toward securing their environment, as this gives them a legal right to cancel or deny any transfer of a domain name to abusive users. This way, they will not only protect their legitimate users but also help raise public awareness of fraudulent practices other registries should be aware of.

Industry’s Weak Points

According to SURBL’s analysis of most abused TLDs, .com, .net, .win, and .biz count the largest number of suspicious domains. Being among the oldest and still most widely used TLDs, this is expected but it hardly justifies the lack of anti-spam policies.

For example, Verisign, which owns both .com and .net, doesn’t seem to have any such regulations in place, thus partly paving the way for a free exploitation of these domains. Yet, precisely because of their status in the web world, giants like Verisign are expected to have the most aggressive anti-spam practices and set an example for the emerging TLDs to start creating safe neighborhoods as soon as they are released.

Sadly, not many recently introduced TLDs or even country codes have explicitly addressed this problem thus far. Instead, they tend to rely on the number of registered domains to testify about their growth, which does raise questions about the actual number of suspicious domains they host.

For example, back in June, .xyz announced reaching almost one million registrations within the first year. Still, SURBL has found over 39,000 suspicious domains on this TLD alone, which accounts for almost four percent of all of its registrations.

From this perspective, the pace at which a domain grows may not necessarily reflect its value. This is one of the most important things new organizations need to realize when planning to buy a domain.


Awareness of the fact that new TLDs can become untrusted environments may definitely hurdle their adoption. This is particularly important with respect to the accelerated growth of the industry, which already has a deep impact on the development of digital businesses.

No company wants a domain name that in several years may become associated with spam or fraud. This is why end users also need to understand the implications of the lack of proper content quality regulations in the domain naming industry.


ClaireAbout the Author: Claire Bluth is a writer and researcher interested in business innovation and disruptive technologies. She is an advocate of cyber security best practices within organizations and hopes to help in raising public awareness of the importance of this issue. You can reach her on Twitter: @claire_bluth

Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Title image courtesy of ShutterStock