Spammers and malware attackers have taken over the new DNS top-level domains The many new DNS top-level domains (TLDs) were heralded as a way to take pressure off the older DNS TLDs. It seems, however, the new TLDs are almost uniformly the source of spammers and malware launchers. There might be valid web resources in the new TLDs. They seem rarely referenced beyond a handful of sites, though, as .com, .org, .net and even .co have common usage aside from country-specific addresses such as .us, .uk, .de, .jp, etc. But .xyz? Spam. I get about four dozen spam emails from that domain most days. The .click TLD? I’ve gotten about 400 embedded malware emails from there so far this year. Then there’s .racing, .website and dozens of other new TLDs that are nothing more than difficult-to-block and nearly-impossible-to-kill spam/malware sources. It’s frustrating, and admins don’t have much chance to stanch the spam. How does one send abuse reports? Don’t try. No one cares. Behind the registrars are fleets of message sources, all waiting for your users to click. Some users will be sucked in by persuasive phishing attempts, while others will really want that new woodworking manual. Some of the phishing attempts using the new domains are really good and seductive, while others are beyond obvious. But consider many people have cloudy minds, especially before their first cup of coffee, and don’t pick up on phishing clues. We call them hacked. Block the new domains Spam filters are one option to prevent infection from emails using those domains. While filters can be hit or miss, we’ve had luck automatically filtering these domains, not one which have had a single genuine email: .xyz, .domain, .website, .info, .review, .club, .date., .racing, .download, .top, .gdn, .bid, .museum, .mobi and .stream. There are more, of course. Consider also blocking countries from where you do no business. I’ll leave these up to you. Look at the long list of TLDs to decide which ones make zero sense to your organization. You can also decide what to block from the constantly updated IANA list. P.S. While I was writing this post, I received 29 junk emails. Related content opinion The loss of net neutrality: Say goodbye to a free and open internet The effort to restore net neutrality advanced after the U.S. Senate voted to reinstate the rules. The motion still has a battle ahead of it, though. If it fails, you can expect these long-lasting problems to surface. By Tom Henderson May 17, 2018 10 mins Small and Medium Business Internet Mobile opinion Intel sold you out A vulnerability in Intel’s AMT could leave you open to attack By Tom Henderson May 08, 2017 5 mins Internet Security Intel Security opinion Net neutrality is net new revenue Rolling back net neutrality rules will spawn record shareholder returns and telco empires—and destroy the original concept of the internet By Tom Henderson May 03, 2017 4 mins Telecommunications Industry Internet opinion Security certificates gone wrong Some websites, including one secured by the U.S. Department of Homeland Security, fail in their use of security certificates and break the chains of trust By Tom Henderson Apr 25, 2017 2 mins Internet Application Security Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe