Home / Blogs

The World’s Most Dangerous Country Code Top-Level Domains

If you want to know the world’s most dangerous country code Top-Level Domains (ccTLDs), ask an anti-virus software company.

McAfee has released its list of most dangerous country codes. Here are the top five:

1. Cameroon (.cm)
2. PR of China (.cn)
3. Samoa (.ws)
4. Philippines (.ph)
5. Former Soviet Union (.su)

Why is Camerooon at the top of the list?

Because .cm is a common typo by users who intended to type .com.

According to McAfee, more than 30% of all domains registered under .cm are up to no good.

I have a business idea for Verisign—why not license .cm and bundle it with .com registrations to give users a more secure domain package. I could see many companies paying for this.

China is number two. The country has made efforts recently to clean up its domain by requiring business licenses of its registrants. Some of the Western media have misinterpreted this as censorship. That’s one of the great ironies of managing top-level domains. You kinda have to keep a close eye on what the registrants are doing with these domains if you want to ensure a safer Internet.

But I digress.

And what are the safest ccTLDs? Here are the top five:

1. Japan (.jp)
2. Ireland (.ie)
3. Croatia (.hr)
4. Luxembourg (.lu)
5. Vanuatu (.vu)

You can view a larger map here.

By John Yunker, Author and founder of Byte Level Research

Filed Under

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet


What stops spammers from acquiring a shell company and registering a domain with it? Suresh Ramasubramanian  –  Jan 5, 2010 9:23 AM

That’s just one of the questions - but I could just as easily ask my friends at McAfee those I guess.

The report itself is interesting, so thanks for posting a link to the report.

The problem is that the report ignores Michele Neylon  –  Jan 5, 2010 5:49 PM

The problem is that the report ignores restrictions. It’s easy to see why .jp or .ie are high up the list - you have to do backflips to register a domain in either namespace.

It would be a lot more interesting to see a report that compared like with like ie. cctlds that were completely open with others that were, again, completely open

Important Discussion Garth Bruen  –  Jan 6, 2010 3:44 PM

This is an important discussion some are hoping to avoid. In our own recent report on problem ccTLDs we prefaced it with this quote from the U.S. House Subcommittee on Courts, the Internet, and Intellectual Property:

“Websites operating from the two-letter country-code top-level domains (ccTLDs) are likely to become increasingly important to our Internet fraud efforts. Websites operating from ccTLDs are viewable by U.S. consumers, and an increasing number of our actions involve foreign-based websites targeting U.S. consumers.”

This is from 2002 and things have gotten worse for some ccTLDs. They keep finding the same pitfalls, the two major ones being:

* ccTLDs unwittingly sell their operations to a foreign company who abuses it
* The ccTLD does not participate in helpful bodies like ISOC, CERT, and the GAC

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.



Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byVerisign