In Soviet Russia cybersquatters outsmart you! The TLD you should watch out for
Posted by Adriana Tayraco on Thu, Feb 09, 2012
For years now, cybercriminals had gotten comfortable and pretty much taken over the control of the .ru Top Level Domain (TLD). According to ZeuS tracker, the .ru TLD was the most common TLD associated to criminal activity online. Because nobody likes having their TLD associated with online scumbags, the Coordination Center for TLD RU finally decided to step in and cleaned their reputation by setting up new terms and conditions for anyone to register a .ru domain.
Their new terms and conditions will allow them to take down a site if there is sufficient evidence that it is being used for phishing attacks. After these new rules came to be in late 2011, the number of fraudulent .ru domains went down drastically. Not only that, the lifespan of those domains went down from months to up to 24 hours. At BrandProtect, we have been able to take down malicious URLs in the .ru TLD in as little as 4 minutes with our median takedown time being under 15 hours (some healthy bragging doesn’t hurt!).
But the fight against cybersquatting is a never-ending one and cybercriminals will always try to be one step ahead of the game. Since their domains are now getting shut down at incredible speeds, they have decided to set up camp somewhere else and that somewhere else seems to be red-flavoured. You may be surprised to know that the Soviet Union had set up a Top Level Domain and it is still active. It doesn’t take a genius to know that this created an excellent opportunity for online scum gatherings. Swiss security blog Abuse.ch reported that the number of malicious .su domains is seen a steady increase.
The Russian Institute for Public Networks (RIPN) administers the .su TLD and it had just over 100,000 domains registered on November 2011 when the .ru policies came into effect. As of January 2012, that number had grown to 101,003 domains.
So to recap: avoid shady links coming from .ru and .su TLDs and ask your network about an increase protection and blockage against those domains. You may also want to know that the most dangerous country code TLDs besides .ru and .su include .cm (Cameroon), .cn (China), .ph (Philippines).
Companies need to be on the constant look out as these rogue websites are popping out left and right. A proper domain name monitoring tool can give you a drastic advantage as it scans registrations to make sure they are not infringing on your company rights. With the imminent arrival of ICANN’s new brand-related TLDs, monitoring domain names should be part of your top 5 things to do this year.
You’ve been warned; do not let cybersquatters outsmart you!