Concerned about cyber hygiene? Steer clear of .zip domain

Concerned about cyber hygiene? Steer clear of unfamiliar domains

There are some scary neighborhoods on the Internet.   A new survey from enterprise security company Blue Coat Systems found 10 different Top-Level Domains where at least 96 percent of the websites were deemed suspicious.  In the two worst TLDs, 100 percent of the websites raised concerns.

A TLD is the .com, .gov or other suffix on a site's domain name.  Once limited to a country-specific TLDs and a handful of general extensions, the list of TLD options has exploded in recent years to include everything from .accountants to .xxx. Last year, in fact, New York City became the first U.S. city to create its own TLD for individuals and businesses that live within the five boroughs.  

Blue Coat Systems considers a website to be suspicious if it is connected to spam or a known scam site, contains malware or potentially unwanted software, is part of a botnet or is a phishing site. The company examined hundreds of millions of website requests from more than 15,000 businesses and 75 million users. Blue Coat Systems recommends that organizations block traffic from the TLDs in the top 10 in order to protect their systems.

The .mil TLD was deemed the safest of the bunch, with .gov ranking fifth on the trustworthy list -- both had less than one percent of websites labeled suspicious. Many of the other TLDs considered safest are country codes that cover only a small number of websites. And Blue Coat Systems warned that there are no guarantees such TLDs will remain low risk.

Top 10 TLDs with the highest percentage of suspicious websites

  1. .zip              
  2. .review                
  3. .country                 
  4. .kim                          
  5. .cricket                            
  6. .science                                
  7. .work                              
  8. .party                            
  9. .gq (Equatorial Guinea)
  10. .link  

Top 10 "safest" TLDs

  1. .mil                                    
  2. .jobs                                   
  3. .ck (Cook Islands)                
  4. .church                              
  5. .gov                            
  6. .gi (Gibraltar)                     
  7. .tel                                 
  8. .kw (Kuwait)                
  9. .london                  
  10. .jp (Japan)    

Read the full report here

About the Author

Derek Major is a former reporter for GCN.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected