McAfee has released its annual "Mapping the Mal Web" report, which reports on "the riskiest and safest places on the Web," after analyzing "9.9 million heavily trafficked Web sites" using its own McAfee Site Advisor technology. Topping the list of most dangerous domains is the .hk domain (Hong Kong); the safest domain is .fi (Finland).
Ranked in order, the top five most dangerous country domains are:
- .hk (Hong Kong)
- .cn (China)
- .ph (Philippines)
- .ro (Romania)
- .ru (Russia)
- .fi (Finland)
- .jp (Japan)
- .no (Norway)
- .si (Slovenia)
- .co (Columbia)
In addition to country domains, McAfee found the .info domain to be the most dangerous generic domain--claiming that as much as 11.8 percent of all .info domains pose legitimate security threats. McAfee also reports that "the chance of downloading spyware, adware, viruses or other unwanted software from surfing the Web increased 41.5% over 2007."
"For administrators of top-level domains this study should act as a wake-up call. Last year's report spurred Tokelau's domain manager to reexamine its policies," said Jeff Green, Senior Vice President of Product Development & Avert Labs. "Not all domain managers are as accommodating so our mission is to educate consumers of the dangers and protect them in every way they enjoy the Web whether through their PC, the Web itself, or mobile phone. With our new secure search and website safety certification, we're taking the guesswork out of searching and surfing online so that consumers enjoy a safer Web experience."
McAfee’s motivation for producing and disseminating this report is not completely altruistic. While consumers will benefit from this knowledge, it is also designed as a scare tactic (legitimate or otherwise) to frighten people into purchasing and using security software developed by companies such as McAfee. The report also increases the perception of McAfee as an industry security expert, which leverages its potential market share for providing security solutions to the very domains it identifies as risky.
"The domain risk assessments come from the McAfee SiteAdvisor site rating database. SiteAdvisor tests sites for the presence of risky behaviors such as browser exploits, adware/spyware/Trojans/viruses, high likelihood of receiving spam, affiliation with other risky sites, and aggressive pop-up marketing."