Are Some Web Domains More Dangerous Than Others?

Thursday, June 5th, 2008

The simple answer is “yes.”

A recent report published by McAfee showed that specific country domains and some generic domains are more dangerous than others. The most dangerous country domain is Hong Kong (.hk) with 19.2% of sites posing a security threat to visitors. Second to Hong Kong was China (.cn) with just over 11% of sites found to pose a security threat. The most dangerous generic domain is .info with 11.8% of sites posing a security threat, while government sites (.gov) still remain the safest domains.

The report also revealed that security threats from surfing the Web have increased 41.5% over 2007. So then the question becomes, “how can I protect my Internet users from accessing these sites that are prone to harboring spyware, adware, viruses, etc.?”

There are several steps you can take to help protect your network from a Web-use management perspective.

  1. If you have CyBlock, you can block access to those domains that are the most dangerous by using the wild card option in a custom category. Assuming that access to these domains in your workplace is not needed for the majority of Internet users, then simply blocking the domains is a good way to keep users from accessing them on purpose or on accident. Should a user ever have a need to access a legitimate site with that domain, then it can simply be added to an allow list in either a custom category or one of the other 69 predefined Wavecrest categories that you allow.
  2. If you are using Cyfin, while you can’t block sites with a particular domain, you can still track access to them by using a custom category and running a report against that category to see if there is any activity in those domains.
  3. Also be sure to monitor and/or block the existing Spyware/Malicious, Phishing/Fraud, Public Proxy, and Hacking categories to help protect your network.
  4. Finally, the most important step you can take to ensure that your Internet users are surfing safely is to make them aware of Web security threats and the type of sites that are more likely to harbor them.