McAfee, Inc. (NYSE: MFE) today announced the results of a McAfee® SiteAdvisor™ research report that creates a global road map of the riskiest, and the safest, places to surf and search on the World Wide Web. McAfee analyzed and ranked 265 top-level domains like Japan (.jp), France (.fr) and Commercial (.com) based on McAfee’s Web safety tests for spyware, spam, exploits and scams. The report, “Mapping the Mal Web,” revealed surprisingly large differences in safety from one domain to another. This global portrait estimates that each month, Internet users make more than 550 million clicks to risky Web sites and that even relatively safe domains like Germany (.de) or the United Kingdom (.uk) account for millions of risky clicks.
“With this report, McAfee has created a guide book to the Web’s most dangerous top level domains,” said Mark Maxwell, Senior Product Manager, McAfee Consumer and Small Business. “When it comes to safety, it turns out that the Web is no different than the physical world. There are safe neighborhoods and safe Web domains, and then there are places no one should ever visit.”
McAfee SiteAdvisor, a free tool available at www.mcafee.com, adds intuitive red, yellow, or green ratings to sites and search results based on proprietary tests of millions of Web sites representing more than 95% of the trafficked Web. Red ratings are given to risky sites that fail one or more of McAfee’s tests for adware, spyware, viruses, exploits, spammy e-mail, excessive pop-ups or strong affiliations with other red-rated sites. Green-rated sites passed each of these tests. Yellow ratings are given to sites which pass McAfee’s safety tests but which still have nuisances, such as excessive pop-ups, warranting a user advisory. Businesses and consumers may use McAfee SiteAdvisor to complement their existing McAfee products or to enhance security products made by other manufacturers.
Among the key findings of the study are:
The incidence of red and yellow sites varies dramatically across top-level domains, ranging from a low of 0.1% for Finland (.fi) to a high of 10.1% for the tiny island of Tokelau (.tk). Overall, 4.1% of all sites tested by SiteAdvisor are rated red or yellow.
Some Web activities, like registering at a site or downloading a file, are significantly more risky when done at certain domains. For example, giving an e-mail address to a random .info domain results in a stunning 73.2% chance of receiving spammy e-mail.
The most risky large country domains are Romania (.ro, 5.6% risky sites) and Russia (.ru, 4.5% risky sites). These country domains are also the most likely to host exploit or “drive-by-download” sites.
.info is the riskiest generic domain, with 7.5% of its sites rated as risky. .com is the second most risky generic domain, with 5.5% of sites rated as risky.
Three of the five least risky country domains are Nordic countries – Finland (0.10%), Norway (.no, 0.16%) and Sweden (.se, 0.21%). Iceland (.is, 0.19%) and Ireland (.ie, 0.11%) round out the top five least risky country domains.
.gov is the only frequently tested domain for which SiteAdvisor has found no risky sites. .gov is only available to United States government agencies.
Even though the .com domain is only the 5th most risky domain by rank, its huge popularity magnifies its impact on search and browsing risk dramatically. 86.6% of clicks to red and yellow rated sites go to .com sites.
Even though the Netherlands (.nl), Germany (.de) and the United Kingdom (.uk) are all relatively safe country domains, ranking 31st, 33rd and 51st most risky respectively, each of their country domains account for more than 2 million clicks to red and yellow sites every month. Likewise Japan (.jp) is ranked 57th most risky and yet red and yellow rated .jp sites receive an estimated 1.6 million clicks each month.
Low or no cost domain registration and minimal domain oversight appear to drive at least some of the higher levels of risk found at some top-level domains. For example, one reason the .biz domain may be preferred by spammers is because .biz domains are available for immediate use, rather than after a typical 24 hour waiting period – a critical advantage in beating anti-spam services and blacklists.
“For administrators of top-level domains, this study should serve as a wake-up call. Clearly, some countries are getting it right. And the more risky top level domains now have the role models they need to improve,” added Maxwell. “For consumers, this study is a stark reminder that they need help navigating the Web safely. Tools like McAfee SiteAdvisor give consumers the information they need, when they need it, to make safer Web decisions.”
The complete study and results, along with an interactive map is available at: http://www.siteadvisor.com/studies/map_malweb_mar2007.html