How Google’s New Domain Names Can Put Your Security at Risk


google-new-tlds-security-threat

Google wrapped up its I/O event with a host of new product announcements. Including new hardware, software, and initiatives related to artificial intelligence. Google also announced eight new top-level domains (TLD), which are the rightmost part of a domain name like .com or .org. Some of the new TLDs are quirky and fun, like .dad, .phd, .prof, .esq, and .foo. However, two of the new TLDs – .zip and .mov – have raised concerns about security and usability.

These domains are generally used for compressed files and video files. As a result, experts are now concerned that they can be used to trick users to download malicious files.

What is TLD?

Before getting to the meat of the matter, let us clarify what a TLD is. So you will have a clear idea. A top-level domain (TLD) is the last part of a domain name, such as .com, .org, or .net. TLDs are managed by the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN has authority over all TLDs but delegates the responsibility for managing specific TLDs to approved organizationsCom domain on search page

One such organization is Google. So the tech giant can announce new domains itself. Rightfully so, Google just launched new TLDs: .dad, .phd, .prof, .esq, .foo, .nexus, .zip, and .mov. But the implications of having .zip and .mov domain names are worrying since they are commonly used file extensions.

Google’s new TLD (.zip and .mov) could be a threat

Experts are concerned that these new TLDs could be used to trick users into clicking on malicious links. For example, an email message could contain a link to a file named “setup.zip”. At first glance, it appears to be a legitimate software file. But if the link actually points to a .zip website, it could download malware onto the user’s computer. So if someone sends you an email with a link to a .zip file, be careful before clicking on it.

Gizchina News of the week


Google .zip domain for sale

It is clearly not a good idea to set a top level domain (TLD) to a common file extension. This can help phishers and other malicious actors trick people into clicking on malicious links. In fact, a Twitter user says that a 4-year-old YouTube comment containing the text “42.zip” is now converted into a link. He added, “Guess what visiting that domain does? IT AUTOMATICALLY DOWNLOADS THAT ZIP BOMB. (So do not visit)

Google seems very calm on this

Google has responded to concerns regarding the .zip domain with the following statement.

Read Also:  Stay Secure: Discover Android's New Theft Prevention Tools

“The risk of confusion between domain names and file names is not a new one. For example, 3M’s Command products use the domain name command.com. And if you know, .com is also an important program on MS DOS and early versions of Windows. Applications have mitigations for this (such as Google Safe Browsing). These mitigations will hold true for TLD’s such as .zip. At the same time, new namespaces provide expanded opportunities for naming such as community.zip and url.zip. Google takes phishing and malware seriously. Google Registry has existing mechanisms to suspend or remove malicious domains across all of our TLDs, including .zip. We will continue to monitor the usage of .zip and other TLDs and if new threats emerge we will take appropriate action to protect users.”

Personally, I think that Google should have considered the security implications of adding .zip and .mov domains before doing so. These domains are very common and are used by millions of people every day. By adding these new TLDs, Google has created a new opportunity for scammers to target unsuspecting users. But I hope that Google will take steps to mitigate the risks associated with them.

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions. For more details, you can check out our editorial guidelines and learn about how we use affiliate links.

Source/VIA :
Previous Xiaomi Civi 3: The Dawn of New Trendy Mobile Phones
Next Can't download videos or photos on WhatsApp? Try these solutions