RAP Tests
When you type a website address, or URL, into your browser, you probably don't think much about the last few letters, right? That little suffix—the .com, .org, or .net—is called a Top-Level Domain (TLD). For years, these TLDs were limited and very familiar. But the internet is a big place now, and new TLDs have exploded onto the scene, giving us options like .shop, .tech, and even .ninja.
While many of these new extensions are perfectly legitimate, some have become digital red flags. You need to start paying attention to them, because they can be a quick indicator that you’re about to click into a dangerous neighborhood.
Not All TLDs Are Created Equal
The problem is that the relaxed rules for creating and registering these newer TLDs have been widely exploited by cybercriminals. They love using fresh TLDs because it allows them to set up huge numbers of disposable, malicious websites very cheaply and quickly.
For example, reputable sites usually stick to the classic TLDs. A well-known company will be [Company].com, not [Company].xyz or [Company].download. When you see one of the unusual TLDs, you should immediately raise your internal security alarm.
The Most Suspicious Suffixes
While you should exercise caution with any unfamiliar TLD, security experts have identified a few that are almost exclusively associated with suspicious or outright malicious activity, particularly spam distribution and malware downloads.
Be especially wary if you see these TLDs in your search results, in an email link, or in an unexpected pop-up:
- .country
- .stream
- .download
Why these three in particular? They are often used to host drive-by download sites, where just visiting the page can start downloading malware, or they host spam and phishing content designed to trick you out of your personal information. If you encounter a link ending in one of these, do not click it.
How to Protect Yourself Today
Protecting yourself requires two simple, active steps:
- Look Before You Leap: Before clicking any link—whether it’s in an email, a social media post, or a message—take a second to look at the full web address. If the TLD looks strange or is on the list above, hover your cursor over the link to see the URL pop up, and think twice before proceeding.
- Trust Your Gut: If a website you land on has a generic or suspicious TLD and immediately demands personal information or starts a file download, close the tab immediately. Your instinct is your best defense.
By simply taking notice of the few letters at the end of a web address, you can significantly reduce your risk of stumbling into a cybersecurity trap. Keep an eye on those TLDs and keep your devices safe!
