A couple of weeks ago I wrote an article about a study that Unit 42 did on newly registered domains. Yesterday I stumbled on another article about two more studies, also talking about newly registered domains, and like the title of the post says – with similar findings.
According to 2 reports separately from Farsight Security and Georgia Tech University, Newly Registered Domains pose danger to users, as these have far greater possibilities of being utilized for malware distribution and phishing operations.(Source – SpamFigher.com)
The article goes on to do a deeper dive of the specific TLDs that seem to be used maliciously, and, well it really comes down to one domain extension…drumroll please – .TO:
But, in the case of malevolent NRDs, analysts observed that the percentage increased with many ccTLDs (country-code Top Level Domains). Malevolent NRDs, which were highest in number among various TLDs, had .to domain, accounting for 80 to 100 percent of the TLD behaving as malicious. The finding suggests that there is free/inexpensive registration for .to TLD, just as it has one not so stringent registration policy, while hides WHOIS registrant details so the general users can’t view it. (Source – SpamFigher.com)
Given how many .TO domains are used for SPAM my guess is anyone trying to build a legitimate website on a .TO domain is going to have more SEO problems than most since Google probably knows the data presented in these reports as well. This likely also means that any email you send from a .TO domain will end up being marked as SPAM making .TO a pretty bad choice for branding no matter how you slice it.
I don’t think any startups have .TO high on their list and I know most domain investors wouldn’t touch it with a ten foot pole so I don’t think anyone reading this is going to be freaking out right now. Still, it’s good to know because now if you ever get an email from a .TO domain or get re-directed to a .TO website, you’re probably going to think twice.