Online security is a nightmare these days, with all the viruses, phishing, drive-by downloads, pop-ups, and other malware out there. How bad is it? The Bad Guys blog was struck by an intriguing study this month by SiteAdvisor, the Web security firm owned by McAfee. Researchers set out to chart the Internet's worst "domains"those suffixes you find at the end of Web addresses, such as those by country (.br for Brazil) and generic (.com or .org). Called Mapping the Mal Web, their report looked at 265 top level domains (TLDs) worldwide and came up with some telling numbers:
• For major country domains, the riskiest ones are Romania (.ro) with 5.6 percent risky sites and Russia (.ru) with 4.5 percent risky sites.
• Island nations, known for offering free or anonymous registration, ranked highest on the danger list. Among them: Sao Tome/Principe (.st) off Africa, at a whopping 19 percent; Tokelau (.tk) in the South Pacific, at 10 percent; the Turks and Caicos (.tc) in the Caribbean, also at 10 percent; and the South Georgia/South Sandwich Islands (.gs) near Antartica, at 9 percent.
• For generic domains, the riskiest TLD is .info8 percent of its sites are rated as risky. Coming in second is the ubiquitous ".com," with 6 percent.
• The least risky sites are hosted by those honest Scandinavians. Four of the five best rated are Nordic countriesFinland, Norway, Sweden, and Iceland. Also in the top five: Ireland.
• Safest place on the Web: ".gov." Restricted to U.S. government agencies, it was the only TLD in which no risky sites were found.
• Worst places to download: Samoa (.ws), .biz, and Bulgaria (.bg). Web users randomly downloading from these domains face at least a 1 in 10 chance of dealing with a risky site.
• Worst places for spam: .info. "A stunning 73.2 percent of the more than 6,000 .info sites that we have tested for E-mail practices are rated risky," the report says. Trailing .info are Russia (at 22 percent) and South Korea (at 20 percent). In other words, consumers who offer their E-mail addresses to randomly chosen sites in those domains risk a blizzard of unwanted E-mail.
Bottom line: Think twice about that Bulgarian download and registering at .info sites. It's a virtual jungle out there.