New domain names such as .shop and .xyz are proving popular for cybercrime

News
By
published

The domains are cheap and offer quick registration

A close-up of an interent search bar with 'http://ww' visible
(Image credit: Getty Images)
  • Report finds new generic top-level domains, such as .xyz, have disproportionally more phishing websites
  • Researchers believe it is because they are affordable and come with very few registration requirements
  • More new domains are being announced, making the risk that much greater

New forms of domain names, such as .top, .shop, or similar, are proving unfortunately popular among scammers and cybercriminals, new research has claimed..

The Cybercrime Supply Chain 2024 report, published by Interisle Consulting Group researchers, used data from the Cybercrime Information Center to analyze 16 million cybercrime events, concluded there is a severe discrepancy between the overall market share of newly created top-level domains, and their use in cybercrime.

New generic top-level domains (gTLDs), introduced wihin the last few years, currently make up 11% of the total domain name market - yet, the report found they accounted for more than a third (37%) of cybercrime domains. At the same time, more “traditional” domains, such as .com, .net, .org, and similar, make up more than half of the total domain name market, yet account for slightly more than 40% of cybercrime domains, almost the same as gTLDs.

Cheap and simple

Drilling deeper into the reasons for this discrepancy, the researchers established that new gTLDs try to attract customers with cheap prices and a fast registration process. In fact, the researcher said that some of the gTLDs with the highest cybercrime domain score offered registrations for less than $1, or $2. The cheapest price for a .com domain they could find was $5.91.

Cybercriminals use these domains to create fake websites, infostealing landing pages, and more. Paired with cheap email distribution, phishing attacks cost the threat actors virtually nothing, while at the same time resulting in hundreds of thousands of dollars in damages, if not more.

Analyzing the report, Krebs on Security noted phishing attacks increased nearly 40% in the year ending August 2024, demonstrating the popularity of this attack vector among cybercriminals. And with new gTLDs soon to be introduced, these types of attacks will most likely spread even more, and cause even more damage.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Criminals are abusing top-level government domains across multiple countries
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
Fraude en ligne phishing
Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks
Best India VPN
Indian banks are getting a whole new domain to combat fraud
mobile phone
Forget phishing, now "mishing" is the new security threat to worry about
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Everything you need to know about phishing
Latest in Security
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Representational image of a cybercriminal
Criminals are spreading malware disguised as DeepSeek AI
AMD logo
Security flaw means AMD Zen CPUs can be "jailbroken"
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
Latest in News
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
iOS 18 Control Center
iOS 19: the 3 biggest rumors so far, and what I want to see
Doom: The Dark Ages
Doom: The Dark Ages' director confirms DLC is in the works and says the game won't end the way 2016's Doom begins: 'If we took it all the way to that point, then that would mean that we couldn't tell any more medieval stories'
DVDs in a pile
Warner Bros is replacing some DVDs that ‘rot’ and become unwatchable – but there’s a big catch that undermines the value of physical media
A costumed Matt Murdock smiles at someone off-camera in Netflix's Daredevil TV show
Daredevil: Born Again is Disney+'s biggest series of 2025 so far, but another Marvel TV show has performed even better
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
More about security
Scam alert

A new SMS energy scam is using Elon Musk’s face to steal your money
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.

Nation-state threats are targeting UK AI research
Cowabunga, dude!

Teenage Mutant Ninja Turtles: Shredder’s Revenge, a nostalgic beat-em-up with beautiful pixel graphics, is finally coming to mobile next month
See more latest
Most Popular
Cowabunga, dude!
Teenage Mutant Ninja Turtles: Shredder’s Revenge, a nostalgic beat-em-up with beautiful pixel graphics, is finally coming to mobile next month
Empirical Health biomarkers
This new health protocol combines 40 smartwatch biomarkers and blood tests to give you a health score
LG C5 OLED T V with forest road and car on screen
LG reveals US pricing for the LG G5 and LG C5 OLED TVs, and it's great news for OLED fans
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Doom: The Dark Ages
Doom: The Dark Ages' director confirms DLC is in the works and says the game won't end the way 2016's Doom begins: 'If we took it all the way to that point, then that would mean that we couldn't tell any more medieval stories'
iOS 18 Control Center
iOS 19: the 3 biggest rumors so far, and what I want to see
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
The Fluance Ri71 speaker in a wood finish, in front of a plant
Fluance's new active stereo speakers look like a dream soundbar alternative, as well as being perfect for turntables or Bluetooth music
DVDs in a pile
Warner Bros is replacing some DVDs that ‘rot’ and become unwatchable – but there’s a big catch that undermines the value of physical media