Scamadviser analyzed 7 million domain names and discovered that some ISPs, registrars, registries and countries support scammers much more than others.
AMSTERDAM, NETHERLANDS, May 6, 2021 /EINPresswire.com/ — According to previous research the number of online scams increased by 40% last year. For 2021 a similar growth rate is expected due to the Corona pandemic.
Like in the physical world, every criminal has support. Offline, these are production plants, distribution companies, creative accountants, and lawyers (lots of them). Online, they need to register their domain name, host their websites, preferably in a country that does not prioritize fighting cybercrime.
Scamadviser analyzed 7 million domain names and discovered that some hosting companies, registrars (where you register a domain name), registries (the owners of extensions such as .com, .biz and .store) and countries seem to support scammers much more than others.
GoDaddy is one of the most used registrars (and hosting company) worldwide. 3% of the websites which are registered at GoDaddy have a Trust Score equal or lower than 20 (on a scale from 1 to 100). This percentage is in line with the overall average.
However, this percentage is relatively good compared to other registrars. In the last 90 days, 36,000 websites registered on Alibaba were scanned by Scamadviser.com. Of these, 14.3% are considered dubious. This may be due to the very high number of online stores offering fakes or not delivering products with roots in China. However, American based companies like NameSilo (13.2%) and NameCheap (10.5%) likewise do not score well.
If we look at registrars with the lowest average Trust Score, mainly registrars with an Asian background pop-up. Some, like Shanghai Meicheng and Alibaba appear several times as they use different company entities.
Bad Hosting Companies
Apart from a domain name, each website needs an Internet Service Provider (ISP) to host its website. Based on an analysis of data gathered from mid-January to mid-April 2021, hosting company Cloudflare hosts the most domain names with a Trust Score lower than 20.
However, of the largest hosting companies Namecheap performs by far the worst. Of the 47,841 websites analyzed, 8,433 or 17.6% can be considered scammy. Google and GoDaddy on the other hand perform remarkably well with only 1,7% and 2,0% of the websites researched can be considered malicious.
The registrar does not own the domain name it sells to a person or company. Registrars are the ‘middleman’ between the user that licenses a website name and the registry. The registry owns the domain name and is in charge of the general administration of a top level domain such as .com, .biz or .store.
Not surprisingly, the most used extensions are .com, .net and .org. What is remarkable is the relatively high misuse of .co (5.4%) and low misuse of .cn (0.36%). The .co extension is often misused by scammers as it gives potential scam victims the impression that it is a legit .com site. The Chinese country’s top level domain seems hardly misused at all, probably as scammers still focus on victims outside of the Chinese market and prefer extensions more “Western” extensions.
Finally, it is interesting to see which countries host the most scammers. Most websites are using a server which is based in the United States. 3.8% of all websites hosted in this country have a Trust Score lower than 20. Slightly about the total average of 3%.
Countries like Hong Kong (8.2%), Senegal (6.0%), Singapore (5.9%) Canada (5.50%) and Russia (5.0%) are hosting the most scammers of the top 10 countries. Each country seems to have its own “specialization”. Where Hong Kong and Singapore are known for online stores selling fakes or not delivering, Senegal offers financial services and Russian scammers are heavily “investing” in cryptocurrency scams.
How to Fix the Internet?
With 3% of all websites having a Trust Score of less than 20 out of 100, cybercriminals have clearly established themselves on the Internet. The big question is: how to fight them?
Cybercrime largely goes unpunished at this moment. Setting up a malicious website is cheap and very quickly to do. More importantly, the chance of getting caught is near to zero if the criminal operates outside his own country.
Of course, the organizations listed in this article are not criminal. However, their Know Your Customer (KYC) processes leave much to be desired. Some hosting providers, registries, and registrars have improved their KYC policies. The Danish .dk registry for example was able to reduce the number of online stores selling fakes with 80% in one year by just asking for an ID.
Unfortunately, forcing hosting providers, registries, and registrars to have more stringent KYC processes seems a lost cause. If there are a few “bad boys” in the market, scammers will just flock to these players.
Scamadviser is therefore betting on warning consumers via anti-virus software and internet filters about websites with low Trust Scores. Via its partners, the company is already reaching 1 billion users.
About Scamadviser & the Data
Scamadviser is an initiative of the Ecommerce Foundation.
More than 100.000 consumers check Scamadviser.com every day and Scamadviser adds more than 1 million new websites to its database every month. Since 2012, Scamadviser has been developing an algorithm which gives every domain a Trust Score based on 40 different data sources.
The data analysis is based on 7 million recently scanned domains in Scamadviser’s database and its Trust Score. A domain with a Trust Score of 100 is very, very likely legit. A domain that scores a 1 is very, very likely a scam. The average Trust Score is 85 with 3% of all sites scoring less than 20.
The full article and research data can be found here.