More than 5% of newly registered domain names are being used for abuse

Architelos Inc. announced the publication of the third NameSentry NameSpace Quality Report.  The report measures the comparative safety of the Internet’s largest Top Level Domains (TLDs) by measuring the concentration of spam, phishing, botnets, and malware in each TLD from January 2013 to March 2014. The research is based on data from the NameSentry℠ Abuse Detection and Mitigation Service, which tracks abuse across the Internet’s namespace.
The report rates and ranks the 72 largest TLDs, which together account for 99% of domain names on the Internet. The findings indicate a significant increase in abuse over 2013, with the number of domain names added to abuse blocklists increasing from 62% from January 2013 to December of 2013.  Virtually all domain names added to these blocklists were registered specifically to perpetrate abuse, underlining the preference of bad actors to register, use, and then move on to other new domain names. At least 5% of newly registered domain names are being used to perpetrate security threats during their initial year of existence. The NameSentry Namespace Quality Report is freely available for download at
  • The number of domain names added to abuse blocklists per month increased 62% from January 2013 to December 2013. This indicates a rising amount of abuse across the world domain space.
  • An estimated 5.0% of new domains were listed for abuse. Virtually all listed domains are new, i.e. were within their first year of registration. By February 2014, there were approximately 275 million domain names in the world’s registries. Assuming a worldwide 75% renewal rate (slightly higher than the .com/.net renewal rate) coupled with the 8% growth in the world TLD space, that means that approximately 7.6 million new domains were being created per month. In 2013, an average of 377,000 domains were added to the blocklists per month, or 5.0% of the total domains created.
  • In comparison to the prior year (December 2012 through December 2013), the number of actively listed abusive domains increased from approximately 1 million to 1.3 million, for a 30% increase. This means that about 0.4% of the 275 million domain names in the world’s registries are blocklisted at any point in time.
  • The total number of abusive domains listed at the end of December 2013 increased 29% when compared to the total number of abusive domains listed at the end of December 2012.
Summary Highlights of the March 2014 NameSentry Namespace Quality Index (NQI) Report:
• 0.46% of sites on the Internet are listed as abusive
• This is an overall quality rating of Orange or Caution for the Internet
• Safest ranked TLDs are .tel and .ch (Switzerland)
• Bottom ranked TLDs are .mobi and .asia
• Biggest winner is .de (Germany) with 85% percent improvement
• Biggest loser is .ws (Samoa) TLD with an 2013% decline
• The largest TLD .com has 0.44% sites listed abusive, ranking 58 out of 72 TLDs
Namespace Quality Index (NQI) and Biggest Winners and LosersThe concept of NQI introduced in the first report, established a consistent and transparent means to measure relative safety.  NQI measures the relative concentration of abusive domain names in any given namespace.   Specifi­cally, NQI is measured by the number of unique 2nd level or 3rd level domains that were flagged for at least one type of abuse, per million domains under management.  Less than 100 abuses per million receives a “Green/Excellent” rating, while more than 10,000 abuses per million receives a “Red/Risk” rating.Of the 72 TLDs, 58% score a rating of “Yellow/Good”, 25% score “Orange/Caution”, 14% score “Red/Risk”, and only 3% score “Green/Excellent”. The top ranked or safest TLDs were .tel and .ch, while the bottom two TLDs were .mobi and .asia.   The analysis also covers significant changes in NQI for 72 TLDs and the resulting change in rank compared to the report published in November of 2014. The biggest winner was the .de country code TLD (Germany) who improved from a rank of 54 in Nov 2013 to a rank of 16 in Mar 2014.   The biggest loser was .ws country code TLD (Samoa) with a 2013% decline.About Architelos, Inc.Architelos, Inc. provides SaaS-based TLD managed services solutions, and strategic consulting for clients in the domain name (DNS) industry.  NameSentry, a patent-pending abuse detection and mitigation service, is the second SaaS based service launched by the company, after Business Case Builder in 2011.  Architelos is unique in having over 30 years of experience in building, launching, and managing multi-million name gTLDs.  Clients include new gTLDs, as well as existing generic Top Level Domain (gTLD) and Country Code (ccTLD) registries.   Architelos has locations in Leesburg (VA), Los Angeles, (CA), Toronto (Canada) and Dublin (Ireland), as well as data centers in Toronto and Los Angeles.  For more info follow Architelos on Twitter and Facebook or linkedIn

About Konstantinos Zournas

I studied Computer Engineering and Computer Science in London, UK and I am now living in Athens, Greece. I went online in 1995, started coding in 1996 and began buying domain names and creating websites in 2000. I started the blog in 2012.


  1. Speaking of abuse, how about the developments regarding the ‘secret domain society’…….I don’t believe you are a member, due to the fact that the ring leader commented and blogged about you recieving very minimal votes for awards……Looks like some of us were correct when we called it ‘rigged’…..

  2. It sounds like you were regarded as a “prospect” and never given full access…….It is good you did not become involved in the ill conceived actions at the DBR Secret Domain Society…..That is some nasty stuff going on over there…….

  3. We have been in a good conversation over at Elliot’s…..Seems he put me on block for speaking against the Secret Domain Society……

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.