outlets. One report was from McAfee with their annual Site Advisor
report that showed the .hk ccTLD had the highest proportion of
websites (19.2%) posing a threat to internet users with .cn second
this year (over 11%). By contrast, .fi remains the safest online
destination for the second year with 0.05%, followed by .jp.
Among the gTLDs, .info was again the most dangerous gTLD with almost
12 per cent (11.73%) of sites posing a threat compared to 7.5 per cent
in 2007. Of the gTLDs, only .com and .biz improved. All others were
worse than in 2007.
The riskiest ccTLD in 2007, .tk, dropped to 28th position. Some key
findings from the report were:
* the chance of downloading spyware, adware, viruses or other
unwanted software from surfing the Web increased 41.5% over 2007
* sites which offer downloads such as ringtones and screen savers
that are also loaded with viruses, spyware and adware increased over
the last year from 3.3% to 4.7%
* the Philippines (.ph) experienced a 270% increase in overall riskiness
* tokelau (.tk) and Samoa (.ws) were notably safer in 2008 dropping
to 28th and 12th
* in Europe, Spain (.es) experienced a 91% increase in overall risk.
However critics of the McAfee report in the IDG report note "the
survey did not demonstrate any real risk as emanating from the SAR.
'McAfee are only looking at the top-level domain bit, they are not
looking at the location of the server,' said Richard Stagg, director
and managing consultant at Handshake Networking, a vendor-independent
security consultancy. 'They're not paying attention to where sites are
actually hosted.'" However a report in Hong Kong's The Standard quotes
"Maren Leizaola, who runs online services company HK.COM, said the
HKDNRs lax policy in order to promote the citys own
domain name was short- sighted." While "Internet Professional
Association chief executive Gary Chao said ".hk" and ".cn" domain
names were popular with small to medium sized enterprises that had
limited budgets and were reluctant to invest in security." It is noted
in a couple of several articles .hk has begun to tighten policies in
response to security issues.
And in China, the Los Angeles Times says the big allure may be price,
with domain names available for as little as 15 cents wholesale. But
overall, the level of risk around the world in 2008 was the same as
2007. Ars technica notes McAfee's methodology is not flawless and that
"many malware companies deliberately choose to host their services
with a foreign domain registrar precisely because its much more
difficult for such domains to be shut down. SiteAdvisor's risk
evaluation contains no information on where malicious software vendors
are actually housing their servers."
The second report is from MarkMonitor whose Brandjacking Index 2008
reports "brand-jacking is increasing, with online scammers actively
abusing a brand's reputation in order to build more legitimacy into
their campaigns, by taking advantage of the brand's trusted
reputation" according to ZDNet.
From the MarkMonitor news release:
"The findings show vendors in China, the U.S. and other countries are
selling questionable aircraft components in bulk online, adding
complexity to the supply chain for commercial aircraft and regulation
of commercial aviation. Business-to-business channels are not the only
targets for brandjackers who use online auctions to offer unusable
airline vouchers to trick cost-conscience consumers out of their money
and spam to infect their computers with spyware as well as to siphon
business from legitimate brands. In other brandjacking trends,
cybersquatting, the most pervasive form of brandjacking, grew by 40
percent in Q1 2008 while pay-per-click fraud declined by 42 percent.
Phishers target fewer new organizations and focus 90 percent of
phishing activity on a small number of brands."
No comments:
Post a Comment